From c9d10b9bf324e6eecde07c403bb72ea4ca15b199 Mon Sep 17 00:00:00 2001 
From: Dan Kortschak Date: Mon, 19 Sep 2022 10:11:16 +0930 Subject: [PATCH 1/3] sei: use ECS definition of geo.location This performs the following replace: from: - description: Longitude and latitude\. level: core (name: .*\.geo\.location) type: geo_point or: - (name: .*\.geo\.location) description: Longitude and latitude\. example: '{ "lon": -73\.614830, "lat": 45\.505918 }' type: geo_point or: - description: Longitude and latitude\. example: '{ "lon": -73\.614830, "lat": 45\.505918 }' (name: .*\.geo\.location) type: geo_point to: - external: ecs $1 over all packages owned by Security External Integrations, except for deprecated packages. Changelog and manifest files were updated manually. --- packages/akamai/changelog.yml | 5 ++++ .../akamai/data_stream/siem/fields/ecs.yml | 4 +--- packages/akamai/manifest.yml | 2 +- packages/atlassian_confluence/changelog.yml | 5 ++++ .../data_stream/audit/fields/ecs.yml | 4 +--- packages/atlassian_confluence/manifest.yml | 2 +- packages/atlassian_jira/changelog.yml | 5 ++++ .../data_stream/audit/fields/ecs.yml | 4 +--- packages/atlassian_jira/manifest.yml | 2 +- packages/auditd/changelog.yml | 5 ++++ .../auditd/data_stream/log/fields/ecs.yml | 4 +--- packages/auditd/manifest.yml | 2 +- packages/auth0/changelog.yml | 5 ++++ .../auth0/data_stream/logs/fields/ecs.yml | 4 +--- packages/auth0/manifest.yml | 2 +- packages/barracuda/changelog.yml | 5 ++++ .../data_stream/spamfirewall/fields/ecs.yml | 8 ++----- .../barracuda/data_stream/waf/fields/ecs.yml | 8 ++----- packages/barracuda/manifest.yml | 2 +- packages/bluecoat/changelog.yml | 5 ++++ .../data_stream/director/fields/ecs.yml | 8 ++----- packages/bluecoat/manifest.yml | 2 +- packages/cef/changelog.yml | 5 ++++ packages/cef/data_stream/log/fields/ecs.yml | 8 ++----- packages/cef/manifest.yml | 2 +- packages/checkpoint/changelog.yml | 5 ++++ .../data_stream/firewall/fields/ecs.yml | 8 ++----- packages/checkpoint/manifest.yml | 2 +- packages/cisco_aironet/changelog.yml | 6 
++++- .../data_stream/log/fields/ecs.yml | 4 +--- packages/cisco_aironet/manifest.yml | 2 +- packages/cisco_asa/changelog.yml | 5 ++++ .../cisco_asa/data_stream/log/fields/ecs.yml | 8 ++----- packages/cisco_asa/manifest.yml | 2 +- packages/cisco_ftd/changelog.yml | 5 ++++ .../cisco_ftd/data_stream/log/fields/ecs.yml | 8 ++----- packages/cisco_ftd/manifest.yml | 2 +- packages/cisco_ios/changelog.yml | 5 ++++ .../cisco_ios/data_stream/log/fields/ecs.yml | 8 ++----- packages/cisco_ios/manifest.yml | 2 +- packages/cisco_meraki/changelog.yml | 5 ++++ .../data_stream/events/fields/ecs.yml | 8 ++----- .../data_stream/log/fields/ecs.yml | 12 +++------- packages/cisco_meraki/manifest.yml | 2 +- packages/cisco_nexus/changelog.yml | 5 ++++ .../data_stream/log/fields/ecs.yml | 8 ++----- packages/cisco_nexus/manifest.yml | 2 +- packages/cisco_secure_endpoint/changelog.yml | 5 ++++ .../data_stream/event/fields/ecs.yml | 4 +--- packages/cisco_secure_endpoint/manifest.yml | 2 +- packages/cisco_umbrella/changelog.yml | 5 ++++ .../data_stream/log/fields/ecs.yml | 8 ++----- packages/cisco_umbrella/manifest.yml | 2 +- packages/citrix_waf/changelog.yml | 5 ++++ .../citrix_waf/data_stream/log/fields/ecs.yml | 8 ++----- packages/citrix_waf/manifest.yml | 2 +- packages/cloudflare/changelog.yml | 5 ++++ .../data_stream/logpull/fields/ecs.yml | 4 +--- packages/cloudflare/manifest.yml | 2 +- packages/crowdstrike/changelog.yml | 5 ++++ .../data_stream/fdr/fields/ecs.yml | 4 +--- packages/crowdstrike/manifest.yml | 2 +- packages/cyberarkpas/changelog.yml | 5 ++++ .../data_stream/audit/fields/ecs.yml | 8 ++----- packages/cyberarkpas/manifest.yml | 2 +- packages/cylance/changelog.yml | 5 ++++ .../data_stream/protect/fields/ecs.yml | 8 ++----- packages/cylance/manifest.yml | 2 +- packages/f5/changelog.yml | 5 ++++ .../f5/data_stream/bigipafm/fields/ecs.yml | 8 ++----- .../f5/data_stream/bigipapm/fields/ecs.yml | 8 ++----- packages/f5/manifest.yml | 2 +- packages/fim/changelog.yml | 5 ++++ 
packages/fim/data_stream/event/fields/ecs.yml | 4 +--- packages/fim/manifest.yml | 2 +- packages/fireeye/changelog.yml | 5 ++++ .../fireeye/data_stream/nx/fields/ecs.yml | 8 ++----- packages/fireeye/manifest.yml | 2 +- packages/fortinet_forticlient/changelog.yml | 5 ++++ .../data_stream/log/fields/ecs.yml | 8 ++----- packages/fortinet_forticlient/manifest.yml | 2 +- packages/fortinet_fortigate/changelog.yml | 5 ++++ .../data_stream/log/fields/ecs.yml | 8 ++----- packages/fortinet_fortigate/manifest.yml | 2 +- packages/fortinet_fortimail/changelog.yml | 5 ++++ .../data_stream/log/fields/ecs.yml | 8 ++----- packages/fortinet_fortimail/manifest.yml | 2 +- packages/fortinet_fortimanager/changelog.yml | 5 ++++ .../data_stream/log/fields/ecs.yml | 8 ++----- packages/fortinet_fortimanager/manifest.yml | 2 +- packages/gcp/changelog.yml | 5 ++++ packages/gcp/data_stream/audit/fields/ecs.yml | 4 +--- .../gcp/data_stream/firewall/fields/ecs.yml | 8 ++----- .../gcp/data_stream/vpcflow/fields/ecs.yml | 8 ++----- packages/gcp/manifest.yml | 2 +- packages/google_workspace/changelog.yml | 5 ++++ .../data_stream/admin/fields/ecs.yml | 4 +--- .../data_stream/drive/fields/ecs.yml | 4 +--- packages/google_workspace/manifest.yml | 2 +- packages/hid_bravura_monitor/changelog.yml | 5 ++++ .../data_stream/log/fields/ecs.yml | 8 ++----- packages/hid_bravura_monitor/manifest.yml | 2 +- packages/imperva/changelog.yml | 5 ++++ .../data_stream/securesphere/fields/ecs.yml | 8 ++----- packages/imperva/manifest.yml | 2 +- packages/iptables/changelog.yml | 5 ++++ .../iptables/data_stream/log/fields/ecs.yml | 8 ++----- packages/iptables/manifest.yml | 2 +- packages/juniper_junos/changelog.yml | 5 ++++ .../data_stream/log/fields/ecs.yml | 8 ++----- packages/juniper_junos/manifest.yml | 2 +- packages/juniper_netscreen/changelog.yml | 5 ++++ .../data_stream/log/fields/ecs.yml | 8 ++----- packages/juniper_netscreen/manifest.yml | 2 +- packages/juniper_srx/changelog.yml | 5 ++++ 
.../data_stream/log/fields/ecs.yml | 24 +++++-------------- packages/juniper_srx/manifest.yml | 2 +- packages/modsecurity/changelog.yml | 5 ++++ .../data_stream/auditlog/fields/ecs.yml | 4 +--- packages/modsecurity/manifest.yml | 2 +- packages/netflow/changelog.yml | 5 ++++ .../netflow/data_stream/log/fields/ecs.yml | 24 +++++-------------- packages/netflow/manifest.yml | 2 +- packages/netscout/changelog.yml | 5 ++++ .../data_stream/sightline/fields/ecs.yml | 8 ++----- packages/netscout/manifest.yml | 2 +- packages/o365/changelog.yml | 5 ++++ .../o365/data_stream/audit/fields/ecs.yml | 4 +--- packages/o365/manifest.yml | 2 +- packages/okta/changelog.yml | 5 ++++ .../okta/data_stream/system/fields/ecs.yml | 12 +++------- packages/okta/manifest.yml | 2 +- packages/pfsense/changelog.yml | 5 ++++ .../pfsense/data_stream/log/fields/ecs.yml | 8 ++----- packages/pfsense/manifest.yml | 2 +- packages/pulse_connect_secure/changelog.yml | 5 ++++ .../data_stream/log/fields/ecs.yml | 12 +++------- packages/pulse_connect_secure/manifest.yml | 2 +- packages/qnap_nas/changelog.yml | 5 ++++ .../qnap_nas/data_stream/log/fields/ecs.yml | 4 +--- packages/qnap_nas/manifest.yml | 2 +- packages/radware/changelog.yml | 5 ++++ .../data_stream/defensepro/fields/ecs.yml | 8 ++----- packages/radware/manifest.yml | 2 +- packages/squid/changelog.yml | 5 ++++ packages/squid/data_stream/log/fields/ecs.yml | 8 ++----- packages/squid/manifest.yml | 2 +- packages/suricata/changelog.yml | 5 ++++ .../suricata/data_stream/eve/fields/ecs.yml | 8 ++----- packages/suricata/manifest.yml | 2 +- packages/tomcat/changelog.yml | 5 ++++ .../tomcat/data_stream/log/fields/ecs.yml | 8 ++----- packages/tomcat/manifest.yml | 2 +- packages/zeek/changelog.yml | 5 ++++ .../data_stream/connection/fields/ecs.yml | 8 ++----- .../zeek/data_stream/dce_rpc/fields/ecs.yml | 8 ++----- packages/zeek/data_stream/dnp3/fields/ecs.yml | 8 ++----- packages/zeek/data_stream/dns/fields/ecs.yml | 8 ++----- 
packages/zeek/data_stream/dpd/fields/ecs.yml | 8 ++----- packages/zeek/data_stream/ftp/fields/ecs.yml | 8 ++----- packages/zeek/data_stream/http/fields/ecs.yml | 8 ++----- .../zeek/data_stream/intel/fields/ecs.yml | 8 ++----- packages/zeek/data_stream/irc/fields/ecs.yml | 8 ++----- .../zeek/data_stream/kerberos/fields/ecs.yml | 8 ++----- .../zeek/data_stream/modbus/fields/ecs.yml | 8 ++----- .../zeek/data_stream/mysql/fields/ecs.yml | 8 ++----- .../zeek/data_stream/notice/fields/ecs.yml | 8 ++----- packages/zeek/data_stream/ntlm/fields/ecs.yml | 8 ++----- .../zeek/data_stream/radius/fields/ecs.yml | 8 ++----- packages/zeek/data_stream/rdp/fields/ecs.yml | 8 ++----- packages/zeek/data_stream/rfb/fields/ecs.yml | 8 ++----- packages/zeek/data_stream/sip/fields/ecs.yml | 8 ++----- .../zeek/data_stream/smb_cmd/fields/ecs.yml | 8 ++----- .../zeek/data_stream/smb_files/fields/ecs.yml | 8 ++----- .../data_stream/smb_mapping/fields/ecs.yml | 8 ++----- packages/zeek/data_stream/smtp/fields/ecs.yml | 8 ++----- packages/zeek/data_stream/snmp/fields/ecs.yml | 8 ++----- .../zeek/data_stream/socks/fields/ecs.yml | 8 ++----- packages/zeek/data_stream/ssh/fields/ecs.yml | 8 ++----- packages/zeek/data_stream/ssl/fields/ecs.yml | 8 ++----- .../zeek/data_stream/syslog/fields/ecs.yml | 8 ++----- .../data_stream/traceroute/fields/ecs.yml | 8 ++----- .../zeek/data_stream/tunnel/fields/ecs.yml | 8 ++----- .../zeek/data_stream/weird/fields/ecs.yml | 8 ++----- packages/zeek/manifest.yml | 2 +- packages/zscaler_zia/changelog.yml | 5 ++++ packages/zscaler_zia/manifest.yml | 2 +- packages/zscaler_zpa/changelog.yml | 5 ++++ .../data_stream/audit/fields/ecs.yml | 4 +--- .../data_stream/user_activity/fields/ecs.yml | 4 +--- .../data_stream/user_status/fields/ecs.yml | 8 ++----- packages/zscaler_zpa/manifest.yml | 2 +- 192 files changed, 481 insertions(+), 560 deletions(-) diff --git a/packages/akamai/changelog.yml b/packages/akamai/changelog.yml index b3aab0eb799..74d3a24882c 100644 
--- a/packages/akamai/changelog.yml
+++ b/packages/akamai/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.1.1"
+ changes:
+ - description: Use ECS geo.location definition.
+ type: enhancement
+ link: https://github.com/elastic/integrations/issues/4227
 - version: "2.1.0"
 changes:
 - description: Update package to ECS 8.4.0
diff --git a/packages/akamai/data_stream/siem/fields/ecs.yml b/packages/akamai/data_stream/siem/fields/ecs.yml
index 22e38558e07..873e83ac383 100644
--- a/packages/akamai/data_stream/siem/fields/ecs.yml
+++ b/packages/akamai/data_stream/siem/fields/ecs.yml
@@ -17,9 +17,7 @@
 - name: client.geo.region_iso_code
 external: ecs
 - name: client.geo.location
- description: Longitude and latitude.
- example: '{ "lon": -73.614830, "lat": 45.505918 }'
- type: geo_point
+ external: ecs
 - name: client.geo.region_name
 external: ecs
 - name: client.ip
diff --git a/packages/akamai/manifest.yml b/packages/akamai/manifest.yml
index 95d18bc953d..7652aee6055 100644
--- a/packages/akamai/manifest.yml
+++ b/packages/akamai/manifest.yml
@@ -1,6 +1,6 @@
 name: akamai
 title: Akamai
-version: "2.1.0"
+version: "2.1.1"
 release: ga
 description: Collect logs from Akamai with Elastic Agent.
 type: integration
diff --git a/packages/atlassian_confluence/changelog.yml b/packages/atlassian_confluence/changelog.yml
index 415fd6bce3c..77e39bcd36d 100644
--- a/packages/atlassian_confluence/changelog.yml
+++ b/packages/atlassian_confluence/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.5.2"
+ changes:
+ - description: Use ECS geo.location definition.
+ type: enhancement
+ link: https://github.com/elastic/integrations/issues/4227
 - version: "1.5.1"
 changes:
 - description: Clarify basic authentication config options.
diff --git a/packages/atlassian_confluence/data_stream/audit/fields/ecs.yml b/packages/atlassian_confluence/data_stream/audit/fields/ecs.yml
index d6ed36b3782..49469eb61eb 100644
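Review bot: `client.geo.location` in packages/akamai/data_stream/siem/fields/ecs.yml no longer states `type: geo_point` locally; with `external: ecs` the type comes from whichever ECS definition the package build resolves, and nothing in this patch shows that resolution. The same holds for every other `*.geo.location` entry rewritten here (atlassian_confluence, atlassian_jira, auditd, auth0, barracuda and the packages that follow). Geo queries and map visualisations over these security data streams depend on the field staying `geo_point`, so I would ask for the commit description to record how that was checked, for example `Resolved field definitions for the affected data streams still give *.geo.location the type geo_point.`, if that is what was verified. The akamai hunk also drops the local `example`; presumably the ECS definition supplies one, but that is not visible from the patch.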
--- a/packages/atlassian_confluence/data_stream/audit/fields/ecs.yml
+++ b/packages/atlassian_confluence/data_stream/audit/fields/ecs.yml
@@ -46,10 +46,8 @@
 name: source.geo.country_iso_code
 - external: ecs
 name: source.geo.country_name
-- description: Longitude and latitude.
- example: '{ "lon": -73.614830, "lat": 45.505918 }'
+- external: ecs
 name: source.geo.location
- type: geo_point
 - external: ecs
 name: source.geo.name
 - external: ecs
diff --git a/packages/atlassian_confluence/manifest.yml b/packages/atlassian_confluence/manifest.yml
index 90a11bdc254..a51a23f6120 100644
--- a/packages/atlassian_confluence/manifest.yml
+++ b/packages/atlassian_confluence/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 1.0.0
 name: atlassian_confluence
 title: Atlassian Confluence
-version: "1.5.1"
+version: "1.5.2"
 license: basic
 description: Collect logs from Atlassian Confluence with Elastic Agent.
 type: integration
diff --git a/packages/atlassian_jira/changelog.yml b/packages/atlassian_jira/changelog.yml
index 57734f0b22d..6b4a9112aed 100644
--- a/packages/atlassian_jira/changelog.yml
+++ b/packages/atlassian_jira/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.5.2"
+ changes:
+ - description: Use ECS geo.location definition.
+ type: enhancement
+ link: https://github.com/elastic/integrations/issues/4227
 - version: "1.5.1"
 changes:
 - description: Clarify basic authentication config options.
diff --git a/packages/atlassian_jira/data_stream/audit/fields/ecs.yml b/packages/atlassian_jira/data_stream/audit/fields/ecs.yml
index 090b9906d9a..467fad1fd0b 100644
--- a/packages/atlassian_jira/data_stream/audit/fields/ecs.yml
+++ b/packages/atlassian_jira/data_stream/audit/fields/ecs.yml
@@ -48,10 +48,8 @@
 name: source.geo.country_iso_code
 - external: ecs
 name: source.geo.country_name
-- description: Longitude and latitude.
- example: '{ "lon": -73.614830, "lat": 45.505918 }'
+- external: ecs
 name: source.geo.location
- type: geo_point
 - external: ecs
 name: source.geo.name
 - external: ecs
diff --git a/packages/atlassian_jira/manifest.yml b/packages/atlassian_jira/manifest.yml
index 2a14b948404..3d14cb7be9c 100644
--- a/packages/atlassian_jira/manifest.yml
+++ b/packages/atlassian_jira/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 1.0.0
 name: atlassian_jira
 title: Atlassian Jira
-version: "1.5.1"
+version: "1.5.2"
 license: basic
 description: Collect logs from Atlassian Jira with Elastic Agent.
 type: integration
diff --git a/packages/auditd/changelog.yml b/packages/auditd/changelog.yml
index a591d896594..224089aff6f 100644
--- a/packages/auditd/changelog.yml
+++ b/packages/auditd/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "3.3.3"
+ changes:
+ - description: Use ECS geo.location definition.
+ type: enhancement
+ link: https://github.com/elastic/integrations/issues/4227
 - version: "3.3.2"
 changes:
 - description: Remove unused visualizations
diff --git a/packages/auditd/data_stream/log/fields/ecs.yml b/packages/auditd/data_stream/log/fields/ecs.yml
index c8521fe41ba..09009e8427c 100644
--- a/packages/auditd/data_stream/log/fields/ecs.yml
+++ b/packages/auditd/data_stream/log/fields/ecs.yml
@@ -58,10 +58,8 @@
 name: source.geo.country_iso_code
 - external: ecs
 name: source.geo.country_name
-- description: Longitude and latitude.
- level: core
+- external: ecs
 name: source.geo.location
- type: geo_point
 - external: ecs
 name: source.geo.region_iso_code
 - external: ecs
diff --git a/packages/auditd/manifest.yml b/packages/auditd/manifest.yml
index 34a1284d101..ecccf026fdc 100644
--- a/packages/auditd/manifest.yml
+++ b/packages/auditd/manifest.yml
@@ -1,6 +1,6 @@
 name: auditd
 title: Auditd Logs
-version: "3.3.2"
+version: "3.3.3"
 release: ga
 description: Collect logs from Linux audit daemon with Elastic Agent.
 type: integration
diff --git a/packages/auth0/changelog.yml b/packages/auth0/changelog.yml
index e725bc8d5ce..996b15ce9ec 100644
--- a/packages/auth0/changelog.yml
+++ b/packages/auth0/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.2.1"
+ changes:
+ - description: Use ECS geo.location definition.
+ type: enhancement
+ link: https://github.com/elastic/integrations/issues/4227
 - version: "1.2.0"
 changes:
 - description: Update package to ECS 8.4.0
diff --git a/packages/auth0/data_stream/logs/fields/ecs.yml b/packages/auth0/data_stream/logs/fields/ecs.yml
index ecab2d6290e..0dbcc9a5ffa 100644
--- a/packages/auth0/data_stream/logs/fields/ecs.yml
+++ b/packages/auth0/data_stream/logs/fields/ecs.yml
@@ -94,10 +94,8 @@
 name: source.geo.country_iso_code
 - external: ecs
 name: source.geo.country_name
-- description: Longitude and latitude.
- level: core
+- external: ecs
 name: source.geo.location
- type: geo_point
 - external: ecs
 name: source.geo.name
 - external: ecs
diff --git a/packages/auth0/manifest.yml b/packages/auth0/manifest.yml
index dcfb361ca16..c7f3c9b7f69 100644
--- a/packages/auth0/manifest.yml
+++ b/packages/auth0/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 1.0.0
 name: auth0
 title: "Auth0"
-version: 1.2.0
+version: 1.2.1
 license: basic
 description: Collect logs from Auth0 with Elastic Agent.
 type: integration
diff --git a/packages/barracuda/changelog.yml b/packages/barracuda/changelog.yml
index f27f93ca5f9..dc9e8b8fc33 100644
--- a/packages/barracuda/changelog.yml
+++ b/packages/barracuda/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "0.11.1"
+ changes:
+ - description: Use ECS geo.location definition.
+ type: enhancement
+ link: https://github.com/elastic/integrations/issues/4227
 - version: "0.11.0"
 changes:
 - description: Update package to ECS 8.4.0
diff --git a/packages/barracuda/data_stream/spamfirewall/fields/ecs.yml b/packages/barracuda/data_stream/spamfirewall/fields/ecs.yml
index 1da8c39a341..fd1b4594e68 100644
--- a/packages/barracuda/data_stream/spamfirewall/fields/ecs.yml
+++ b/packages/barracuda/data_stream/spamfirewall/fields/ecs.yml
@@ -22,10 +22,8 @@
 name: destination.geo.city_name
 - external: ecs
 name: destination.geo.country_name
-- description: Longitude and latitude.
- level: core
+- external: ecs
 name: destination.geo.location
- type: geo_point
 - external: ecs
 name: destination.ip
 - external: ecs
@@ -186,10 +184,8 @@
 name: source.geo.city_name
 - external: ecs
 name: source.geo.country_name
-- description: Longitude and latitude.
- level: core
+- external: ecs
 name: source.geo.location
- type: geo_point
 - external: ecs
 name: source.ip
 - external: ecs
diff --git a/packages/barracuda/data_stream/waf/fields/ecs.yml b/packages/barracuda/data_stream/waf/fields/ecs.yml
index 1da8c39a341..fd1b4594e68 100644
--- a/packages/barracuda/data_stream/waf/fields/ecs.yml
+++ b/packages/barracuda/data_stream/waf/fields/ecs.yml
@@ -22,10 +22,8 @@
 name: destination.geo.city_name
 - external: ecs
 name: destination.geo.country_name
-- description: Longitude and latitude.
- level: core
+- external: ecs
 name: destination.geo.location
- type: geo_point
 - external: ecs
 name: destination.ip
 - external: ecs
@@ -186,10 +184,8 @@
 name: source.geo.city_name
 - external: ecs
 name: source.geo.country_name
-- description: Longitude and latitude.
- level: core
+- external: ecs
 name: source.geo.location
- type: geo_point
 - external: ecs
 name: source.ip
 - external: ecs
diff --git a/packages/barracuda/manifest.yml b/packages/barracuda/manifest.yml
index 602e0ff1303..b74b8ef8d30 100644
--- a/packages/barracuda/manifest.yml
+++ b/packages/barracuda/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 1.0.0
 name: barracuda
 title: Barracuda Logs
-version: "0.11.0"
+version: "0.11.1"
 description: Collect spam and web application firewall logs from Barracuda devices with Elastic Agent.
 categories: ["network", "security"]
 release: experimental
diff --git a/packages/bluecoat/changelog.yml b/packages/bluecoat/changelog.yml
index cb08b9defe7..d50424f3d5f 100644
--- a/packages/bluecoat/changelog.yml
+++ b/packages/bluecoat/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "0.10.1"
+ changes:
+ - description: Use ECS geo.location definition.
+ type: enhancement
+ link: https://github.com/elastic/integrations/issues/4227
 - version: "0.10.0"
 changes:
 - description: Update package to ECS 8.4.0
diff --git a/packages/bluecoat/data_stream/director/fields/ecs.yml b/packages/bluecoat/data_stream/director/fields/ecs.yml
index 1da8c39a341..fd1b4594e68 100644
--- a/packages/bluecoat/data_stream/director/fields/ecs.yml
+++ b/packages/bluecoat/data_stream/director/fields/ecs.yml
@@ -22,10 +22,8 @@
 name: destination.geo.city_name
 - external: ecs
 name: destination.geo.country_name
-- description: Longitude and latitude.
- level: core
+- external: ecs
 name: destination.geo.location
- type: geo_point
 - external: ecs
 name: destination.ip
 - external: ecs
@@ -186,10 +184,8 @@
 name: source.geo.city_name
 - external: ecs
 name: source.geo.country_name
-- description: Longitude and latitude.
- level: core
+- external: ecs
 name: source.geo.location
- type: geo_point
 - external: ecs
 name: source.ip
 - external: ecs
diff --git a/packages/bluecoat/manifest.yml b/packages/bluecoat/manifest.yml
index 3ef4af85ec6..deac6378f6c 100644
--- a/packages/bluecoat/manifest.yml
+++ b/packages/bluecoat/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 1.0.0
 name: bluecoat
 title: Blue Coat Director Logs
-version: "0.10.0"
+version: "0.10.1"
 description: Collect director logs from Blue Coat devices with Elastic Agent.
 categories: ["network", "security"]
 release: experimental
diff --git a/packages/cef/changelog.yml b/packages/cef/changelog.yml
index 5e913ec2c0f..5970fddc20c 100644
--- a/packages/cef/changelog.yml
+++ b/packages/cef/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.3.2"
+ changes:
+ - description: Use ECS geo.location definition.
+ type: enhancement
+ link: https://github.com/elastic/integrations/issues/4227
 - version: "2.3.1"
 changes:
 - description: Remove unused visualizations
diff --git a/packages/cef/data_stream/log/fields/ecs.yml b/packages/cef/data_stream/log/fields/ecs.yml
index f0946e767ae..f83dbdbf0ed 100644
--- a/packages/cef/data_stream/log/fields/ecs.yml
+++ b/packages/cef/data_stream/log/fields/ecs.yml
@@ -14,10 +14,8 @@
 name: destination.geo.country_iso_code
 - external: ecs
 name: destination.geo.country_name
-- description: Longitude and latitude.
- level: core
+- external: ecs
 name: destination.geo.location
- type: geo_point
 - external: ecs
 name: destination.geo.region_iso_code
 - external: ecs
@@ -136,10 +134,8 @@
 name: source.geo.country_iso_code
 - external: ecs
 name: source.geo.country_name
-- description: Longitude and latitude.
- level: core
+- external: ecs
 name: source.geo.location
- type: geo_point
 - external: ecs
 name: source.geo.region_iso_code
 - external: ecs
diff --git a/packages/cef/manifest.yml b/packages/cef/manifest.yml
index 6d959f6bc46..38688c6fd86 100644
--- a/packages/cef/manifest.yml
+++ b/packages/cef/manifest.yml
@@ -1,6 +1,6 @@
 name: cef
 title: Common Event Format (CEF)
-version: 2.3.1
+version: 2.3.2
 release: ga
 description: Collect logs from CEF Logs with Elastic Agent.
 type: integration
diff --git a/packages/checkpoint/changelog.yml b/packages/checkpoint/changelog.yml
index e42226cd2a2..90a2b539e36 100644
--- a/packages/checkpoint/changelog.yml
+++ b/packages/checkpoint/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.8.1"
+ changes:
+ - description: Use ECS geo.location definition.
+ type: enhancement
+ link: https://github.com/elastic/integrations/issues/4227
 - version: "1.8.0"
 changes:
 - description: Update package to ECS 8.4.0
diff --git a/packages/checkpoint/data_stream/firewall/fields/ecs.yml b/packages/checkpoint/data_stream/firewall/fields/ecs.yml
index 8c652bd78f2..6739ec67921 100644
--- a/packages/checkpoint/data_stream/firewall/fields/ecs.yml
+++ b/packages/checkpoint/data_stream/firewall/fields/ecs.yml
@@ -16,10 +16,8 @@
 name: destination.geo.country_iso_code
 - external: ecs
 name: destination.geo.country_name
-- description: Longitude and latitude.
- level: core
+- external: ecs
 name: destination.geo.location
- type: geo_point
 - external: ecs
 name: destination.geo.name
 - external: ecs
@@ -210,10 +208,8 @@
 name: source.geo.country_iso_code
 - external: ecs
 name: source.geo.country_name
-- description: Longitude and latitude.
- level: core
+- external: ecs
 name: source.geo.location
- type: geo_point
 - external: ecs
 name: source.geo.name
 - external: ecs
diff --git a/packages/checkpoint/manifest.yml b/packages/checkpoint/manifest.yml
index fe11a1639a2..ce0981da5e0 100644
--- a/packages/checkpoint/manifest.yml
+++ b/packages/checkpoint/manifest.yml
@@ -1,6 +1,6 @@
 name: checkpoint
 title: Check Point
-version: "1.8.0"
+version: "1.8.1"
 release: ga
 description: Collect logs from Check Point with Elastic Agent.
 type: integration
diff --git a/packages/cisco_aironet/changelog.yml b/packages/cisco_aironet/changelog.yml
index 45cbba15657..e3d55feaa10 100644
--- a/packages/cisco_aironet/changelog.yml
+++ b/packages/cisco_aironet/changelog.yml
@@ -1,5 +1,9 @@
 # newer versions go on top
-
+- version: "0.0.2"
+ changes:
+ - description: Use ECS geo.location definition.
+ type: enhancement
+ link: https://github.com/elastic/integrations/issues/4227
 - version: "0.0.1"
 changes:
 - description: Initial draft of the package for Cisco WLC
diff --git a/packages/cisco_aironet/data_stream/log/fields/ecs.yml b/packages/cisco_aironet/data_stream/log/fields/ecs.yml
index 66f308fa9f3..031766bf888 100644
--- a/packages/cisco_aironet/data_stream/log/fields/ecs.yml
+++ b/packages/cisco_aironet/data_stream/log/fields/ecs.yml
@@ -30,10 +30,8 @@
 name: client.geo.country_iso_code
 - external: ecs
 name: client.geo.country_name
-- description: Longitude and latitude.
- level: core
+- external: ecs
 name: client.geo.location
- type: geo_point
 - external: ecs
 name: client.geo.region_iso_code
 - external: ecs
diff --git a/packages/cisco_aironet/manifest.yml b/packages/cisco_aironet/manifest.yml
index 4f2f9c4f889..1d8e402305e 100644
--- a/packages/cisco_aironet/manifest.yml
+++ b/packages/cisco_aironet/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 1.0.0
 name: cisco_aironet
 title: "Cisco Aironet"
-version: 0.0.1
+version: 0.0.2
 release: beta
 license: basic
 description: "Integration for Cisco Aironet WLC Logs"
diff --git a/packages/cisco_asa/changelog.yml b/packages/cisco_asa/changelog.yml
index ad84e018a56..d44af9ae62d 100644
--- a/packages/cisco_asa/changelog.yml
+++ b/packages/cisco_asa/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.7.4"
+ changes:
+ - description: Use ECS geo.location definition.
+ type: enhancement
+ link: https://github.com/elastic/integrations/issues/4227
 - version: "2.7.3"
 changes:
 - description: Fix handling of non-canonical 113005 messages.
diff --git a/packages/cisco_asa/data_stream/log/fields/ecs.yml b/packages/cisco_asa/data_stream/log/fields/ecs.yml
index 28967499e89..85a480d2e71 100644
--- a/packages/cisco_asa/data_stream/log/fields/ecs.yml
+++ b/packages/cisco_asa/data_stream/log/fields/ecs.yml
@@ -20,10 +20,8 @@
 name: destination.geo.country_iso_code
 - external: ecs
 name: destination.geo.country_name
-- description: Longitude and latitude.
- level: core
+- external: ecs
 name: destination.geo.location
- type: geo_point
 - external: ecs
 name: destination.geo.region_iso_code
 - external: ecs
@@ -158,10 +156,8 @@
 name: source.geo.country_iso_code
 - external: ecs
 name: source.geo.country_name
-- description: Longitude and latitude.
- level: core
+- external: ecs
 name: source.geo.location
- type: geo_point
 - external: ecs
 name: source.geo.region_iso_code
 - external: ecs
diff --git a/packages/cisco_asa/manifest.yml b/packages/cisco_asa/manifest.yml
index 302bd97ae62..b0a11a11f77 100644
--- a/packages/cisco_asa/manifest.yml
+++ b/packages/cisco_asa/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 1.0.0
 name: cisco_asa
 title: Cisco ASA
-version: "2.7.3"
+version: "2.7.4"
 license: basic
 description: Collect logs from Cisco ASA with Elastic Agent.
 type: integration
diff --git a/packages/cisco_ftd/changelog.yml b/packages/cisco_ftd/changelog.yml
index cf301ae8b29..5ae641e3563 100644
--- a/packages/cisco_ftd/changelog.yml
+++ b/packages/cisco_ftd/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.4.2"
+ changes:
+ - description: Use ECS geo.location definition.
+ type: enhancement
+ link: https://github.com/elastic/integrations/issues/4227
 - version: "2.4.1"
 changes:
 - description: Clean up grok pattern naming.
diff --git a/packages/cisco_ftd/data_stream/log/fields/ecs.yml b/packages/cisco_ftd/data_stream/log/fields/ecs.yml
index ba804f8da32..45aee295091 100644
--- a/packages/cisco_ftd/data_stream/log/fields/ecs.yml
+++ b/packages/cisco_ftd/data_stream/log/fields/ecs.yml
@@ -20,10 +20,8 @@
 name: destination.geo.country_iso_code
 - external: ecs
 name: destination.geo.country_name
-- description: Longitude and latitude.
- level: core
+- external: ecs
 name: destination.geo.location
- type: geo_point
 - external: ecs
 name: destination.geo.region_iso_code
 - external: ecs
@@ -186,10 +184,8 @@
 name: source.geo.country_iso_code
 - external: ecs
 name: source.geo.country_name
-- description: Longitude and latitude.
- level: core
+- external: ecs
 name: source.geo.location
- type: geo_point
 - external: ecs
 name: source.geo.region_iso_code
 - external: ecs
diff --git a/packages/cisco_ftd/manifest.yml b/packages/cisco_ftd/manifest.yml
index b1286e01d33..16ac1a2652e 100644
--- a/packages/cisco_ftd/manifest.yml
+++ b/packages/cisco_ftd/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 1.0.0
 name: cisco_ftd
 title: Cisco FTD
-version: "2.4.1"
+version: "2.4.2"
 license: basic
 description: Collect logs from Cisco FTD with Elastic Agent.
 type: integration
diff --git a/packages/cisco_ios/changelog.yml b/packages/cisco_ios/changelog.yml
index faf097abfcb..bfe4205307d 100644
--- a/packages/cisco_ios/changelog.yml
+++ b/packages/cisco_ios/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.9.1"
+ changes:
+ - description: Use ECS geo.location definition.
+ type: enhancement
+ link: https://github.com/elastic/integrations/issues/4227
 - version: "1.9.0"
 changes:
 - description: Handle ASR Log Format.
diff --git a/packages/cisco_ios/data_stream/log/fields/ecs.yml b/packages/cisco_ios/data_stream/log/fields/ecs.yml
index aa2cf73fd85..088f3c8ef1b 100644
--- a/packages/cisco_ios/data_stream/log/fields/ecs.yml
+++ b/packages/cisco_ios/data_stream/log/fields/ecs.yml
@@ -18,10 +18,8 @@
 name: destination.geo.country_iso_code
 - external: ecs
 name: destination.geo.country_name
-- description: Longitude and latitude.
- level: core
+- external: ecs
 name: destination.geo.location
- type: geo_point
 - external: ecs
 name: destination.ip
 - external: ecs
@@ -106,10 +104,8 @@ name: source.geo.region_iso_code - external: ecs name: source.geo.region_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: tags - external: ecs diff --git a/packages/cisco_ios/manifest.yml b/packages/cisco_ios/manifest.yml index 44fe2b46fdb..0da19bfce06 100644 --- a/packages/cisco_ios/manifest.yml +++ b/packages/cisco_ios/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: cisco_ios title: Cisco IOS -version: "1.9.0" +version: "1.9.1" license: basic description: Collect logs from Cisco IOS with Elastic Agent. type: integration diff --git a/packages/cisco_meraki/changelog.yml b/packages/cisco_meraki/changelog.yml index ff227db9070..aac3f683f33 100644 --- a/packages/cisco_meraki/changelog.yml +++ b/packages/cisco_meraki/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.1.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "1.1.0" changes: - description: Update package to ECS 8.4.0 diff --git a/packages/cisco_meraki/data_stream/events/fields/ecs.yml b/packages/cisco_meraki/data_stream/events/fields/ecs.yml index 1689c91fbc3..5b5bd8d67a9 100644 --- a/packages/cisco_meraki/data_stream/events/fields/ecs.yml +++ b/packages/cisco_meraki/data_stream/events/fields/ecs.yml @@ -26,10 +26,8 @@ name: destination.geo.city_name - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.ip - external: ecs @@ -206,10 +204,8 @@ name: source.geo.city_name - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.ip - external: ecs 
diff --git a/packages/cisco_meraki/data_stream/log/fields/ecs.yml b/packages/cisco_meraki/data_stream/log/fields/ecs.yml index 668ec366d90..b2066432b80 100644 --- a/packages/cisco_meraki/data_stream/log/fields/ecs.yml +++ b/packages/cisco_meraki/data_stream/log/fields/ecs.yml @@ -26,10 +26,8 @@ name: destination.geo.city_name - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.ip - external: ecs @@ -206,10 +204,8 @@ name: source.geo.city_name - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.ip - external: ecs @@ -290,10 +286,8 @@ name: client.geo.country_iso_code - external: ecs name: client.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: client.geo.location - type: geo_point - external: ecs name: client.geo.region_iso_code - external: ecs diff --git a/packages/cisco_meraki/manifest.yml b/packages/cisco_meraki/manifest.yml index 2a177bc02a5..8d4115c4d93 100644 --- a/packages/cisco_meraki/manifest.yml +++ b/packages/cisco_meraki/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: cisco_meraki title: Cisco Meraki -version: 1.1.0 +version: 1.1.1 license: basic description: Collect logs from Cisco Meraki with Elastic Agent. type: integration diff --git a/packages/cisco_nexus/changelog.yml b/packages/cisco_nexus/changelog.yml index 6f416d3d96d..cf7bb094073 100644 --- a/packages/cisco_nexus/changelog.yml +++ b/packages/cisco_nexus/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.7.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "0.7.0" changes: - description: Update package to ECS 8.4.0 
diff --git a/packages/cisco_nexus/data_stream/log/fields/ecs.yml b/packages/cisco_nexus/data_stream/log/fields/ecs.yml index 1da8c39a341..fd1b4594e68 100644 --- a/packages/cisco_nexus/data_stream/log/fields/ecs.yml +++ b/packages/cisco_nexus/data_stream/log/fields/ecs.yml @@ -22,10 +22,8 @@ name: destination.geo.city_name - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.ip - external: ecs @@ -186,10 +184,8 @@ name: source.geo.city_name - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.ip - external: ecs diff --git a/packages/cisco_nexus/manifest.yml b/packages/cisco_nexus/manifest.yml index d107f239d05..4accd94ae2f 100644 --- a/packages/cisco_nexus/manifest.yml +++ b/packages/cisco_nexus/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: cisco_nexus title: Cisco Nexus -version: "0.7.0" +version: "0.7.1" license: basic description: Collect logs from Cisco Nexus with Elastic Agent. type: integration diff --git a/packages/cisco_secure_endpoint/changelog.yml b/packages/cisco_secure_endpoint/changelog.yml index 82a707c47d8..182c36f2bd6 100644 --- a/packages/cisco_secure_endpoint/changelog.yml +++ b/packages/cisco_secure_endpoint/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.6.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "2.6.0" changes: - description: Update package to ECS 8.4.0 diff --git a/packages/cisco_secure_endpoint/data_stream/event/fields/ecs.yml b/packages/cisco_secure_endpoint/data_stream/event/fields/ecs.yml index e6934866f97..158a2e541db 100644 --- a/packages/cisco_secure_endpoint/data_stream/event/fields/ecs.yml 
+++ b/packages/cisco_secure_endpoint/data_stream/event/fields/ecs.yml @@ -86,10 +86,8 @@ name: destination.geo.city_name - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.ip - external: ecs diff --git a/packages/cisco_secure_endpoint/manifest.yml b/packages/cisco_secure_endpoint/manifest.yml index ae077ab3621..58ba10d1a4d 100644 --- a/packages/cisco_secure_endpoint/manifest.yml +++ b/packages/cisco_secure_endpoint/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: cisco_secure_endpoint title: Cisco Secure Endpoint -version: 2.6.0 +version: 2.6.1 license: basic description: Collect logs from Cisco Secure Endpoint (AMP) with Elastic Agent. type: integration diff --git a/packages/cisco_umbrella/changelog.yml b/packages/cisco_umbrella/changelog.yml index 02071d89822..602c0ad07ab 100644 --- a/packages/cisco_umbrella/changelog.yml +++ b/packages/cisco_umbrella/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.3.3" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "1.3.2" changes: - description: Fix proxy log CSV fields diff --git a/packages/cisco_umbrella/data_stream/log/fields/ecs.yml b/packages/cisco_umbrella/data_stream/log/fields/ecs.yml index b32fbe988e8..4762ec630db 100644 --- a/packages/cisco_umbrella/data_stream/log/fields/ecs.yml +++ b/packages/cisco_umbrella/data_stream/log/fields/ecs.yml @@ -30,10 +30,8 @@ name: destination.geo.region_name - external: ecs name: destination.geo.country_iso_code -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.ip - external: ecs 
@@ -132,10 +130,8 @@ name: source.geo.continent_name - external: ecs name: source.geo.country_iso_code -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.region_iso_code - external: ecs diff --git a/packages/cisco_umbrella/manifest.yml b/packages/cisco_umbrella/manifest.yml index 8419c8d4233..3de9b22c3e0 100644 --- a/packages/cisco_umbrella/manifest.yml +++ b/packages/cisco_umbrella/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: cisco_umbrella title: Cisco Umbrella -version: "1.3.2" +version: "1.3.3" license: basic description: Collect logs from Cisco Umbrella with Elastic Agent. type: integration diff --git a/packages/citrix_waf/changelog.yml b/packages/citrix_waf/changelog.yml index 917b28b5e6c..f0e6be5ce24 100644 --- a/packages/citrix_waf/changelog.yml +++ b/packages/citrix_waf/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.1.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "1.1.0" changes: - description: Update package to ECS 8.4.0 diff --git a/packages/citrix_waf/data_stream/log/fields/ecs.yml b/packages/citrix_waf/data_stream/log/fields/ecs.yml index f89893a851e..c5f5dd09932 100644 --- a/packages/citrix_waf/data_stream/log/fields/ecs.yml +++ b/packages/citrix_waf/data_stream/log/fields/ecs.yml @@ -12,10 +12,8 @@ name: client.geo.country_iso_code - external: ecs name: client.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: client.geo.location - type: geo_point - external: ecs name: client.geo.region_iso_code - external: ecs 
@@ -138,10 +136,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.region_iso_code - external: ecs diff --git a/packages/citrix_waf/manifest.yml b/packages/citrix_waf/manifest.yml index 8a27cbf1b71..7b320dfcd52 100644 --- a/packages/citrix_waf/manifest.yml +++ b/packages/citrix_waf/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: citrix_waf title: "Citrix Web App Firewall" -version: 1.1.0 +version: 1.1.1 license: basic description: Ingest events from Citrix Systems Web App Firewall. type: integration diff --git a/packages/cloudflare/changelog.yml b/packages/cloudflare/changelog.yml index 8e4dfb45a80..67c13e2079a 100644 --- a/packages/cloudflare/changelog.yml +++ b/packages/cloudflare/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.2.3" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "2.2.2" changes: - description: Fix pagination issue. diff --git a/packages/cloudflare/data_stream/logpull/fields/ecs.yml b/packages/cloudflare/data_stream/logpull/fields/ecs.yml index 9a9a6402b06..0b84afe75a4 100644 --- a/packages/cloudflare/data_stream/logpull/fields/ecs.yml +++ b/packages/cloudflare/data_stream/logpull/fields/ecs.yml @@ -17,9 +17,7 @@ - name: client.geo.region_iso_code external: ecs - name: client.geo.location - description: Longitude and latitude. - example: '{ "lon": -73.614830, "lat": 45.505918 }' - type: geo_point + external: ecs - name: client.geo.region_name external: ecs - name: client.ip diff --git a/packages/cloudflare/manifest.yml b/packages/cloudflare/manifest.yml index 8e6c0a4be3e..87d860d9197 100644 --- a/packages/cloudflare/manifest.yml +++ b/packages/cloudflare/manifest.yml 
@@ -1,6 +1,6 @@ name: cloudflare title: Cloudflare -version: 2.2.2 +version: 2.2.3 release: ga description: Collect logs from Cloudflare with Elastic Agent. type: integration diff --git a/packages/crowdstrike/changelog.yml b/packages/crowdstrike/changelog.yml index 8c0327975cb..71f7e5ace6d 100644 --- a/packages/crowdstrike/changelog.yml +++ b/packages/crowdstrike/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.6.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "1.6.0" changes: - description: Parse executable for `process.name` in FDR data stream diff --git a/packages/crowdstrike/data_stream/fdr/fields/ecs.yml b/packages/crowdstrike/data_stream/fdr/fields/ecs.yml index e1da43464bd..e69d6c83461 100644 --- a/packages/crowdstrike/data_stream/fdr/fields/ecs.yml +++ b/packages/crowdstrike/data_stream/fdr/fields/ecs.yml @@ -102,10 +102,8 @@ name: observer.geo.country_iso_code - external: ecs name: observer.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: observer.geo.location - type: geo_point - external: ecs name: observer.geo.region_iso_code - external: ecs diff --git a/packages/crowdstrike/manifest.yml b/packages/crowdstrike/manifest.yml index 7f2542527cf..1e20f5aa099 100644 --- a/packages/crowdstrike/manifest.yml +++ b/packages/crowdstrike/manifest.yml @@ -1,6 +1,6 @@ name: crowdstrike title: CrowdStrike -version: "1.6.0" +version: "1.6.1" description: Collect logs from Crowdstrike with Elastic Agent. type: integration format_version: 1.0.0 diff --git a/packages/cyberarkpas/changelog.yml b/packages/cyberarkpas/changelog.yml index 4ac375067b9..d2c950abd0a 100644 --- a/packages/cyberarkpas/changelog.yml +++ b/packages/cyberarkpas/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.6.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "2.6.0" changes: - description: Update package to ECS 8.4.0 diff --git a/packages/cyberarkpas/data_stream/audit/fields/ecs.yml b/packages/cyberarkpas/data_stream/audit/fields/ecs.yml index 52bc05f570c..b9c6e99296f 100644 --- a/packages/cyberarkpas/data_stream/audit/fields/ecs.yml +++ b/packages/cyberarkpas/data_stream/audit/fields/ecs.yml @@ -14,10 +14,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.region_iso_code - external: ecs @@ -100,10 +98,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.region_iso_code - external: ecs diff --git a/packages/cyberarkpas/manifest.yml b/packages/cyberarkpas/manifest.yml index b06d3acc45c..6b06389c849 100644 --- a/packages/cyberarkpas/manifest.yml +++ b/packages/cyberarkpas/manifest.yml @@ -1,6 +1,6 @@ name: cyberarkpas title: CyberArk Privileged Access Security -version: 2.6.0 +version: 2.6.1 release: ga description: Collect logs from CyberArk Privileged Access Security with Elastic Agent. type: integration diff --git a/packages/cylance/changelog.yml b/packages/cylance/changelog.yml index ede593bb8c1..01717d91e9a 100644 --- a/packages/cylance/changelog.yml +++ b/packages/cylance/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.10.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "0.10.0" changes: - description: Update package to ECS 8.4.0 diff --git a/packages/cylance/data_stream/protect/fields/ecs.yml b/packages/cylance/data_stream/protect/fields/ecs.yml index 1da8c39a341..fd1b4594e68 100644 --- a/packages/cylance/data_stream/protect/fields/ecs.yml +++ b/packages/cylance/data_stream/protect/fields/ecs.yml @@ -22,10 +22,8 @@ name: destination.geo.city_name - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.ip - external: ecs @@ -186,10 +184,8 @@ name: source.geo.city_name - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.ip - external: ecs diff --git a/packages/cylance/manifest.yml b/packages/cylance/manifest.yml index 8f3127e0134..a20b8d1d3e0 100644 --- a/packages/cylance/manifest.yml +++ b/packages/cylance/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: cylance title: CylanceProtect Logs -version: "0.10.0" +version: "0.10.1" description: Collect logs from CylanceProtect devices with Elastic Agent. categories: ["security"] release: experimental diff --git a/packages/f5/changelog.yml b/packages/f5/changelog.yml index da8df616fc8..bb584a0992c 100644 --- a/packages/f5/changelog.yml +++ b/packages/f5/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.11.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "0.11.0" changes: - description: Update package to ECS 8.4.0 
diff --git a/packages/f5/data_stream/bigipafm/fields/ecs.yml b/packages/f5/data_stream/bigipafm/fields/ecs.yml index 917aab6ef3e..5c76d7ffed5 100644 --- a/packages/f5/data_stream/bigipafm/fields/ecs.yml +++ b/packages/f5/data_stream/bigipafm/fields/ecs.yml @@ -22,10 +22,8 @@ name: destination.geo.city_name - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.ip - external: ecs @@ -186,10 +184,8 @@ name: source.geo.city_name - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.ip - external: ecs diff --git a/packages/f5/data_stream/bigipapm/fields/ecs.yml b/packages/f5/data_stream/bigipapm/fields/ecs.yml index 6159945987a..a7f89e372b1 100644 --- a/packages/f5/data_stream/bigipapm/fields/ecs.yml +++ b/packages/f5/data_stream/bigipapm/fields/ecs.yml @@ -22,10 +22,8 @@ name: destination.geo.city_name - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.ip - external: ecs @@ -186,10 +184,8 @@ name: source.geo.city_name - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.ip - external: ecs diff --git a/packages/f5/manifest.yml b/packages/f5/manifest.yml index db6adf3a6a9..cedaa9c4e34 100644 --- a/packages/f5/manifest.yml +++ b/packages/f5/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: f5 title: F5 Logs -version: "0.11.0" +version: "0.11.1" description: Collect and parse logs from F5 devices with Elastic Agent. categories: ["network", "security"] release: experimental 
diff --git a/packages/fim/changelog.yml b/packages/fim/changelog.yml index 91c7f33c05c..70f1140b7c5 100644 --- a/packages/fim/changelog.yml +++ b/packages/fim/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.2.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "1.2.0" changes: - description: Update package to ECS 8.4.0 diff --git a/packages/fim/data_stream/event/fields/ecs.yml b/packages/fim/data_stream/event/fields/ecs.yml index ef68090bb59..4752d6c966d 100644 --- a/packages/fim/data_stream/event/fields/ecs.yml +++ b/packages/fim/data_stream/event/fields/ecs.yml @@ -88,10 +88,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.region_iso_code - external: ecs diff --git a/packages/fim/manifest.yml b/packages/fim/manifest.yml index 458e59e132c..0953b68bc19 100644 --- a/packages/fim/manifest.yml +++ b/packages/fim/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: fim title: "File Integrity Monitoring" -version: "1.2.0" +version: "1.2.1" license: basic release: ga description: "The File Integrity Monitoring integration reports filesystem changes in real time." diff --git a/packages/fireeye/changelog.yml b/packages/fireeye/changelog.yml index 99cb296cd94..fae686d1a6e 100644 --- a/packages/fireeye/changelog.yml +++ b/packages/fireeye/changelog.yml @@ -1,3 +1,8 @@ +- version: "1.6.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "1.6.0" changes: - description: Update package to ECS 8.4.0 diff --git a/packages/fireeye/data_stream/nx/fields/ecs.yml b/packages/fireeye/data_stream/nx/fields/ecs.yml index 806e86cf15f..cfe509dd51a 100644 
--- a/packages/fireeye/data_stream/nx/fields/ecs.yml +++ b/packages/fireeye/data_stream/nx/fields/ecs.yml @@ -52,10 +52,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.region_iso_code - external: ecs @@ -78,10 +76,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.region_iso_code - external: ecs diff --git a/packages/fireeye/manifest.yml b/packages/fireeye/manifest.yml index b1bbc7f23c8..969382eefd7 100644 --- a/packages/fireeye/manifest.yml +++ b/packages/fireeye/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: fireeye title: "FireEye Network Security" -version: 1.6.0 +version: 1.6.1 license: basic description: Collect logs from FireEye NX with Elastic Agent. type: integration diff --git a/packages/fortinet_forticlient/changelog.yml b/packages/fortinet_forticlient/changelog.yml index 2354ed71216..c2ed25a0b4d 100644 --- a/packages/fortinet_forticlient/changelog.yml +++ b/packages/fortinet_forticlient/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.1.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "1.1.0" changes: - description: Update Ingest Pipeline with observer Fields diff --git a/packages/fortinet_forticlient/data_stream/log/fields/ecs.yml b/packages/fortinet_forticlient/data_stream/log/fields/ecs.yml index 1da8c39a341..fd1b4594e68 100644 --- a/packages/fortinet_forticlient/data_stream/log/fields/ecs.yml +++ b/packages/fortinet_forticlient/data_stream/log/fields/ecs.yml 
@@ -22,10 +22,8 @@ name: destination.geo.city_name - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.ip - external: ecs @@ -186,10 +184,8 @@ name: source.geo.city_name - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.ip - external: ecs diff --git a/packages/fortinet_forticlient/manifest.yml b/packages/fortinet_forticlient/manifest.yml index d083c3cb931..fc450f90ec4 100644 --- a/packages/fortinet_forticlient/manifest.yml +++ b/packages/fortinet_forticlient/manifest.yml @@ -1,6 +1,6 @@ name: fortinet_forticlient title: Fortinet FortiClient Logs -version: 1.1.0 +version: 1.1.1 release: ga description: Collect logs from Fortinet FortiClient instances with Elastic Agent. type: integration diff --git a/packages/fortinet_fortigate/changelog.yml b/packages/fortinet_fortigate/changelog.yml index d057aec32be..ed40d25fd82 100644 --- a/packages/fortinet_fortigate/changelog.yml +++ b/packages/fortinet_fortigate/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.2.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "1.2.0" changes: - description: Update Ingest Pipeline with observer Fields diff --git a/packages/fortinet_fortigate/data_stream/log/fields/ecs.yml b/packages/fortinet_fortigate/data_stream/log/fields/ecs.yml index 790b123da4a..328a83a116a 100644 --- a/packages/fortinet_fortigate/data_stream/log/fields/ecs.yml +++ b/packages/fortinet_fortigate/data_stream/log/fields/ecs.yml 
@@ -18,10 +18,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -172,10 +170,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/fortinet_fortigate/manifest.yml b/packages/fortinet_fortigate/manifest.yml index 7d2453ef08e..753235e83bf 100644 --- a/packages/fortinet_fortigate/manifest.yml +++ b/packages/fortinet_fortigate/manifest.yml @@ -1,6 +1,6 @@ name: fortinet_fortigate title: Fortinet FortiGate Firewall Logs -version: 1.2.0 +version: 1.2.1 release: ga description: Collect logs from Fortinet FortiGate firewalls with Elastic Agent. type: integration diff --git a/packages/fortinet_fortimail/changelog.yml b/packages/fortinet_fortimail/changelog.yml index 301dc4f9bfe..9adc7433ba8 100644 --- a/packages/fortinet_fortimail/changelog.yml +++ b/packages/fortinet_fortimail/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.1.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "1.1.0" changes: - description: Update Ingest Pipeline with observer Fields diff --git a/packages/fortinet_fortimail/data_stream/log/fields/ecs.yml b/packages/fortinet_fortimail/data_stream/log/fields/ecs.yml index 1da8c39a341..fd1b4594e68 100644 --- a/packages/fortinet_fortimail/data_stream/log/fields/ecs.yml +++ b/packages/fortinet_fortimail/data_stream/log/fields/ecs.yml 
@@ -22,10 +22,8 @@ name: destination.geo.city_name - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.ip - external: ecs @@ -186,10 +184,8 @@ name: source.geo.city_name - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.ip - external: ecs diff --git a/packages/fortinet_fortimail/manifest.yml b/packages/fortinet_fortimail/manifest.yml index bca3a84d747..8b8b96278b4 100644 --- a/packages/fortinet_fortimail/manifest.yml +++ b/packages/fortinet_fortimail/manifest.yml @@ -1,6 +1,6 @@ name: fortinet_fortimail title: Fortinet FortiMail Logs -version: 1.1.0 +version: 1.1.1 release: ga description: Collect logs from Fortinet FortiMail instances with Elastic Agent. type: integration diff --git a/packages/fortinet_fortimanager/changelog.yml b/packages/fortinet_fortimanager/changelog.yml index eab6fe883cc..862a7e8500a 100644 --- a/packages/fortinet_fortimanager/changelog.yml +++ b/packages/fortinet_fortimanager/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.1.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "1.1.0" changes: - description: Update Ingest Pipeline with observer Fields diff --git a/packages/fortinet_fortimanager/data_stream/log/fields/ecs.yml b/packages/fortinet_fortimanager/data_stream/log/fields/ecs.yml index 917aab6ef3e..5c76d7ffed5 100644 --- a/packages/fortinet_fortimanager/data_stream/log/fields/ecs.yml +++ b/packages/fortinet_fortimanager/data_stream/log/fields/ecs.yml 
@@ -22,10 +22,8 @@ name: destination.geo.city_name - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.ip - external: ecs @@ -186,10 +184,8 @@ name: source.geo.city_name - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.ip - external: ecs diff --git a/packages/fortinet_fortimanager/manifest.yml b/packages/fortinet_fortimanager/manifest.yml index 644b020d361..e666e96a801 100644 --- a/packages/fortinet_fortimanager/manifest.yml +++ b/packages/fortinet_fortimanager/manifest.yml @@ -1,6 +1,6 @@ name: fortinet_fortimanager title: Fortinet FortiManager Logs -version: 1.1.0 +version: 1.1.1 release: ga description: Collect logs from Fortinet FortiManager instances with Elastic Agent. type: integration diff --git a/packages/gcp/changelog.yml b/packages/gcp/changelog.yml index 0301bc912b7..5fb267eb278 100644 --- a/packages/gcp/changelog.yml +++ b/packages/gcp/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.11.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "2.11.0" changes: - description: Move Compute lightweight module config into integration diff --git a/packages/gcp/data_stream/audit/fields/ecs.yml b/packages/gcp/data_stream/audit/fields/ecs.yml index 4456cea03e1..676d4c32c92 100644 --- a/packages/gcp/data_stream/audit/fields/ecs.yml +++ b/packages/gcp/data_stream/audit/fields/ecs.yml 
@@ -58,10 +58,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.region_iso_code - external: ecs diff --git a/packages/gcp/data_stream/firewall/fields/ecs.yml b/packages/gcp/data_stream/firewall/fields/ecs.yml index da869c08d35..b053213db44 100644 --- a/packages/gcp/data_stream/firewall/fields/ecs.yml +++ b/packages/gcp/data_stream/firewall/fields/ecs.yml @@ -18,10 +18,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -96,10 +94,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/gcp/data_stream/vpcflow/fields/ecs.yml b/packages/gcp/data_stream/vpcflow/fields/ecs.yml index 1bd680c8e76..0872e4c2a22 100644 --- a/packages/gcp/data_stream/vpcflow/fields/ecs.yml +++ b/packages/gcp/data_stream/vpcflow/fields/ecs.yml @@ -18,10 +18,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -106,10 +104,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs 
diff --git a/packages/gcp/manifest.yml b/packages/gcp/manifest.yml index 696d9c0f260..cf4d3370d59 100644 --- a/packages/gcp/manifest.yml +++ b/packages/gcp/manifest.yml @@ -1,6 +1,6 @@ name: gcp title: Google Cloud Platform -version: "2.11.0" +version: "2.11.1" release: ga description: Collect logs from Google Cloud Platform with Elastic Agent. type: integration diff --git a/packages/google_workspace/changelog.yml b/packages/google_workspace/changelog.yml index 99603927ce4..07352e974a2 100644 --- a/packages/google_workspace/changelog.yml +++ b/packages/google_workspace/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.7.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "1.7.0" changes: - description: Update package to ECS 8.4.0 diff --git a/packages/google_workspace/data_stream/admin/fields/ecs.yml b/packages/google_workspace/data_stream/admin/fields/ecs.yml index 4ea90a14e84..1cbbe0042ea 100644 --- a/packages/google_workspace/data_stream/admin/fields/ecs.yml +++ b/packages/google_workspace/data_stream/admin/fields/ecs.yml @@ -64,10 +64,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.region_iso_code - external: ecs diff --git a/packages/google_workspace/data_stream/drive/fields/ecs.yml b/packages/google_workspace/data_stream/drive/fields/ecs.yml index 11a8398fbab..0fdf8a73053 100644 --- a/packages/google_workspace/data_stream/drive/fields/ecs.yml +++ b/packages/google_workspace/data_stream/drive/fields/ecs.yml 
@@ -72,10 +72,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.region_iso_code - external: ecs diff --git a/packages/google_workspace/manifest.yml b/packages/google_workspace/manifest.yml index 06266599b03..15f824e828c 100644 --- a/packages/google_workspace/manifest.yml +++ b/packages/google_workspace/manifest.yml @@ -1,6 +1,6 @@ name: google_workspace title: Google Workspace -version: 1.7.0 +version: 1.7.1 release: ga description: Collect logs from Google Workspace with Elastic Agent. type: integration diff --git a/packages/hid_bravura_monitor/changelog.yml b/packages/hid_bravura_monitor/changelog.yml index 144aac6b0e4..18bd9c98b7d 100644 --- a/packages/hid_bravura_monitor/changelog.yml +++ b/packages/hid_bravura_monitor/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.2.2" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "1.2.1" changes: - description: Remove unused visualizations diff --git a/packages/hid_bravura_monitor/data_stream/log/fields/ecs.yml b/packages/hid_bravura_monitor/data_stream/log/fields/ecs.yml index eaee751dad7..f37368e5faa 100644 --- a/packages/hid_bravura_monitor/data_stream/log/fields/ecs.yml +++ b/packages/hid_bravura_monitor/data_stream/log/fields/ecs.yml @@ -20,10 +20,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.region_iso_code - external: ecs 
@@ -152,10 +150,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.region_iso_code - external: ecs diff --git a/packages/hid_bravura_monitor/manifest.yml b/packages/hid_bravura_monitor/manifest.yml index 8f8b017258a..2ea6ef61359 100644 --- a/packages/hid_bravura_monitor/manifest.yml +++ b/packages/hid_bravura_monitor/manifest.yml @@ -1,6 +1,6 @@ name: hid_bravura_monitor title: Hitachi ID Bravura Monitor -version: "1.2.1" +version: "1.2.2" categories: ["security"] release: ga description: Collect logs from Hitachi ID Security Fabric with Elastic Agent. diff --git a/packages/imperva/changelog.yml b/packages/imperva/changelog.yml index 2e3f88b4809..9ee48eae3d7 100644 --- a/packages/imperva/changelog.yml +++ b/packages/imperva/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.10.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "0.10.0" changes: - description: Update package to ECS 8.4.0 diff --git a/packages/imperva/data_stream/securesphere/fields/ecs.yml b/packages/imperva/data_stream/securesphere/fields/ecs.yml index 1da8c39a341..fd1b4594e68 100644 --- a/packages/imperva/data_stream/securesphere/fields/ecs.yml +++ b/packages/imperva/data_stream/securesphere/fields/ecs.yml @@ -22,10 +22,8 @@ name: destination.geo.city_name - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.ip - external: ecs 
@@ -186,10 +184,8 @@ name: source.geo.city_name - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.ip - external: ecs diff --git a/packages/imperva/manifest.yml b/packages/imperva/manifest.yml index d013ffcc20c..eeba87bf5d4 100644 --- a/packages/imperva/manifest.yml +++ b/packages/imperva/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: imperva title: Imperva SecureSphere Logs -version: "0.10.0" +version: "0.10.1" description: Collect SecureSphere logs from Imperva devices with Elastic Agent. categories: ["network", "security"] release: experimental diff --git a/packages/iptables/changelog.yml b/packages/iptables/changelog.yml index 18ed4231ccf..2700c1c7fb7 100644 --- a/packages/iptables/changelog.yml +++ b/packages/iptables/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.0.2" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "1.0.1" changes: - description: Remove unused visualizations diff --git a/packages/iptables/data_stream/log/fields/ecs.yml b/packages/iptables/data_stream/log/fields/ecs.yml index 6ae6f210e59..a3e17acd276 100644 --- a/packages/iptables/data_stream/log/fields/ecs.yml +++ b/packages/iptables/data_stream/log/fields/ecs.yml @@ -10,10 +10,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.region_iso_code - external: ecs 
@@ -74,10 +72,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.region_iso_code - external: ecs diff --git a/packages/iptables/manifest.yml b/packages/iptables/manifest.yml index 8c27b637d08..c0e714ab0f8 100644 --- a/packages/iptables/manifest.yml +++ b/packages/iptables/manifest.yml @@ -1,6 +1,6 @@ name: iptables title: Iptables -version: "1.0.1" +version: "1.0.2" release: ga description: Collect logs from Iptables with Elastic Agent. type: integration diff --git a/packages/juniper_junos/changelog.yml b/packages/juniper_junos/changelog.yml index dce22f1a049..4c18fe74401 100644 --- a/packages/juniper_junos/changelog.yml +++ b/packages/juniper_junos/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.4.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "0.4.0" changes: - description: Update package to ECS 8.4.0 diff --git a/packages/juniper_junos/data_stream/log/fields/ecs.yml b/packages/juniper_junos/data_stream/log/fields/ecs.yml index 1da8c39a341..fd1b4594e68 100644 --- a/packages/juniper_junos/data_stream/log/fields/ecs.yml +++ b/packages/juniper_junos/data_stream/log/fields/ecs.yml @@ -22,10 +22,8 @@ name: destination.geo.city_name - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.ip - external: ecs @@ -186,10 +184,8 @@ name: source.geo.city_name - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.ip - external: ecs 
diff --git a/packages/juniper_junos/manifest.yml b/packages/juniper_junos/manifest.yml index 9b61022f25e..0e0f4159a48 100644 --- a/packages/juniper_junos/manifest.yml +++ b/packages/juniper_junos/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: juniper_junos title: Juniper JunOS -version: "0.4.0" +version: "0.4.1" description: Collect logs from Juniper JunOS with Elastic Agent. categories: ["network", "security"] release: experimental diff --git a/packages/juniper_netscreen/changelog.yml b/packages/juniper_netscreen/changelog.yml index dc1a3b59df0..192ec0ed7c9 100644 --- a/packages/juniper_netscreen/changelog.yml +++ b/packages/juniper_netscreen/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.4.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "0.4.0" changes: - description: Update package to ECS 8.4.0 diff --git a/packages/juniper_netscreen/data_stream/log/fields/ecs.yml b/packages/juniper_netscreen/data_stream/log/fields/ecs.yml index 1da8c39a341..fd1b4594e68 100644 --- a/packages/juniper_netscreen/data_stream/log/fields/ecs.yml +++ b/packages/juniper_netscreen/data_stream/log/fields/ecs.yml @@ -22,10 +22,8 @@ name: destination.geo.city_name - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.ip - external: ecs @@ -186,10 +184,8 @@ name: source.geo.city_name - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.ip - external: ecs diff --git a/packages/juniper_netscreen/manifest.yml b/packages/juniper_netscreen/manifest.yml index 923caef65f5..49ae6788b4a 100644 --- a/packages/juniper_netscreen/manifest.yml 
+++ b/packages/juniper_netscreen/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: juniper_netscreen title: Juniper NetScreen -version: "0.4.0" +version: "0.4.1" description: Collect logs from Juniper NetScreen with Elastic Agent. categories: ["network", "security"] release: experimental diff --git a/packages/juniper_srx/changelog.yml b/packages/juniper_srx/changelog.yml index b6b1f655458..70904a91c05 100644 --- a/packages/juniper_srx/changelog.yml +++ b/packages/juniper_srx/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.5.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "1.5.0" changes: - description: Update package to ECS 8.4.0 diff --git a/packages/juniper_srx/data_stream/log/fields/ecs.yml b/packages/juniper_srx/data_stream/log/fields/ecs.yml index 5708c81eb0c..5819a43f79f 100644 --- a/packages/juniper_srx/data_stream/log/fields/ecs.yml +++ b/packages/juniper_srx/data_stream/log/fields/ecs.yml @@ -34,10 +34,8 @@ name: client.geo.country_iso_code - external: ecs name: client.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: client.geo.location - type: geo_point - external: ecs name: client.geo.name - external: ecs @@ -140,10 +138,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -480,10 +476,8 @@ name: host.geo.country_iso_code - external: ecs name: host.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: host.geo.location - type: geo_point - external: ecs name: host.geo.name - external: ecs 
@@ -618,10 +612,8 @@ name: observer.geo.country_iso_code - external: ecs name: observer.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: observer.geo.location - type: geo_point - external: ecs name: observer.geo.name - external: ecs @@ -912,10 +904,8 @@ name: server.geo.country_iso_code - external: ecs name: server.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: server.geo.location - type: geo_point - external: ecs name: server.geo.name - external: ecs @@ -990,10 +980,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/juniper_srx/manifest.yml b/packages/juniper_srx/manifest.yml index b857757f82c..b73fbc4bbf2 100644 --- a/packages/juniper_srx/manifest.yml +++ b/packages/juniper_srx/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: juniper_srx title: Juniper SRX -version: "1.5.0" +version: "1.5.1" description: Collect logs from Juniper SRX devices with Elastic Agent. categories: ["network", "security"] release: ga diff --git a/packages/modsecurity/changelog.yml b/packages/modsecurity/changelog.yml index 1d9ee8771ea..59d5c45be72 100644 --- a/packages/modsecurity/changelog.yml +++ b/packages/modsecurity/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.2.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "1.2.0" changes: - description: Update package to ECS 8.4.0 diff --git a/packages/modsecurity/data_stream/auditlog/fields/ecs.yml b/packages/modsecurity/data_stream/auditlog/fields/ecs.yml index 34d49f17a97..42ac617b656 100644 --- a/packages/modsecurity/data_stream/auditlog/fields/ecs.yml 
+++ b/packages/modsecurity/data_stream/auditlog/fields/ecs.yml @@ -38,10 +38,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.region_iso_code - external: ecs diff --git a/packages/modsecurity/manifest.yml b/packages/modsecurity/manifest.yml index 6fe6f3358ef..cca3e50be6b 100644 --- a/packages/modsecurity/manifest.yml +++ b/packages/modsecurity/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: modsecurity title: "ModSecurity Audit" -version: 1.2.0 +version: 1.2.1 license: basic description: Collect logs from ModSecurity with Elastic Agent type: integration diff --git a/packages/netflow/changelog.yml b/packages/netflow/changelog.yml index 46ac626b293..3e829d3c54f 100644 --- a/packages/netflow/changelog.yml +++ b/packages/netflow/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.2.3" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "2.2.2" changes: - description: Remove unused visualizations diff --git a/packages/netflow/data_stream/log/fields/ecs.yml b/packages/netflow/data_stream/log/fields/ecs.yml index 8d3da9674be..1885cb1d37f 100644 --- a/packages/netflow/data_stream/log/fields/ecs.yml +++ b/packages/netflow/data_stream/log/fields/ecs.yml @@ -32,10 +32,8 @@ name: client.geo.country_iso_code - external: ecs name: client.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: client.geo.location - type: geo_point - external: ecs name: client.geo.name - external: ecs 
@@ -120,10 +118,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -336,10 +332,8 @@ name: host.geo.country_iso_code - external: ecs name: host.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: host.geo.location - type: geo_point - external: ecs name: host.geo.name - external: ecs @@ -448,10 +442,8 @@ name: observer.geo.country_iso_code - external: ecs name: observer.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: observer.geo.location - type: geo_point - external: ecs name: observer.geo.name - external: ecs @@ -576,10 +568,8 @@ name: server.geo.country_iso_code - external: ecs name: server.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: server.geo.location - type: geo_point - external: ecs name: server.geo.name - external: ecs @@ -652,10 +642,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/netflow/manifest.yml b/packages/netflow/manifest.yml index a81d4bbee83..f167ead54e2 100644 --- a/packages/netflow/manifest.yml +++ b/packages/netflow/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: netflow title: NetFlow Records -version: "2.2.2" +version: "2.2.3" license: basic description: Collect flow records from NetFlow and IPFIX exporters with Elastic Agent. type: integration diff --git a/packages/netscout/changelog.yml b/packages/netscout/changelog.yml index 3407fba20c7..5a224c9465d 100644 --- a/packages/netscout/changelog.yml +++ b/packages/netscout/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.10.2" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "0.10.1" changes: - description: Tidy up of Markdown in Readme.md, including adding link to developer's documentation diff --git a/packages/netscout/data_stream/sightline/fields/ecs.yml b/packages/netscout/data_stream/sightline/fields/ecs.yml index 1da8c39a341..fd1b4594e68 100644 --- a/packages/netscout/data_stream/sightline/fields/ecs.yml +++ b/packages/netscout/data_stream/sightline/fields/ecs.yml @@ -22,10 +22,8 @@ name: destination.geo.city_name - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.ip - external: ecs @@ -186,10 +184,8 @@ name: source.geo.city_name - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.ip - external: ecs diff --git a/packages/netscout/manifest.yml b/packages/netscout/manifest.yml index da62ca8d4ad..d5613af89ed 100644 --- a/packages/netscout/manifest.yml +++ b/packages/netscout/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: netscout title: Arbor Peakflow SP Logs -version: "0.10.1" +version: "0.10.2" description: Collect and parse logs from Netscout Arbor Peakflow SP with Elastic Agent. categories: ["security"] release: experimental diff --git a/packages/o365/changelog.yml b/packages/o365/changelog.yml index 09afc77437a..9726c3d0347 100644 --- a/packages/o365/changelog.yml +++ b/packages/o365/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.8.2" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "1.8.1" changes: - description: Added link to Microsoft documentation. diff --git a/packages/o365/data_stream/audit/fields/ecs.yml b/packages/o365/data_stream/audit/fields/ecs.yml index 7c16cc39f3f..cf244858659 100644 --- a/packages/o365/data_stream/audit/fields/ecs.yml +++ b/packages/o365/data_stream/audit/fields/ecs.yml @@ -98,10 +98,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/o365/manifest.yml b/packages/o365/manifest.yml index 494bcfe166c..b2ca2c4cf21 100644 --- a/packages/o365/manifest.yml +++ b/packages/o365/manifest.yml @@ -1,6 +1,6 @@ name: o365 title: Microsoft 365 -version: 1.8.1 +version: 1.8.2 release: ga description: Collect logs from Microsoft 365 with Elastic Agent. type: integration diff --git a/packages/okta/changelog.yml b/packages/okta/changelog.yml index 805082a03f1..770c9ecc50f 100644 --- a/packages/okta/changelog.yml +++ b/packages/okta/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.10.2" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "1.10.1" changes: - description: Mark api_key config option as a required field diff --git a/packages/okta/data_stream/system/fields/ecs.yml b/packages/okta/data_stream/system/fields/ecs.yml index 971ea67bca8..72f40cdc082 100644 --- a/packages/okta/data_stream/system/fields/ecs.yml +++ b/packages/okta/data_stream/system/fields/ecs.yml 
@@ -8,10 +8,8 @@ name: client.geo.city_name - external: ecs name: client.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: client.geo.location - type: geo_point - external: ecs name: client.geo.region_name - external: ecs @@ -34,10 +32,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -88,10 +84,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/okta/manifest.yml b/packages/okta/manifest.yml index 9279c51f5bc..90b4fb2b8a3 100644 --- a/packages/okta/manifest.yml +++ b/packages/okta/manifest.yml @@ -1,6 +1,6 @@ name: okta title: Okta -version: 1.10.1 +version: 1.10.2 release: ga description: Collect and parse event logs from Okta API with Elastic Agent. type: integration diff --git a/packages/pfsense/changelog.yml b/packages/pfsense/changelog.yml index d2ee8fe12e5..346c44b9aee 100644 --- a/packages/pfsense/changelog.yml +++ b/packages/pfsense/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.3.2" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "1.3.1" changes: - description: Fix redundant Grok pattern diff --git a/packages/pfsense/data_stream/log/fields/ecs.yml b/packages/pfsense/data_stream/log/fields/ecs.yml index fedc84a2e63..25f218f4118 100644 --- a/packages/pfsense/data_stream/log/fields/ecs.yml +++ b/packages/pfsense/data_stream/log/fields/ecs.yml 
@@ -19,10 +19,8 @@ name: client.geo.country_iso_code - external: ecs name: client.geo.country_name -- description: Longitude and latitude. - example: '{ "lon": -73.614830, "lat": 45.505918 }' +- external: ecs name: client.geo.location - type: geo_point - external: ecs name: client.geo.region_iso_code - external: ecs @@ -49,10 +47,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - example: '{ "lon": -73.614830, "lat": 45.505918 }' +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs diff --git a/packages/pfsense/manifest.yml b/packages/pfsense/manifest.yml index 6a63a0c78a9..6e15fda7e65 100644 --- a/packages/pfsense/manifest.yml +++ b/packages/pfsense/manifest.yml @@ -1,6 +1,6 @@ name: pfsense title: pfSense -version: "1.3.1" +version: "1.3.2" release: ga description: Collect logs from pfSense and OPNsense with Elastic Agent. type: integration diff --git a/packages/pulse_connect_secure/changelog.yml b/packages/pulse_connect_secure/changelog.yml index ac8a6558a2a..8b7b52941f6 100644 --- a/packages/pulse_connect_secure/changelog.yml +++ b/packages/pulse_connect_secure/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.2.2" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "1.2.1" changes: - description: Fix minor issues with grok patterns diff --git a/packages/pulse_connect_secure/data_stream/log/fields/ecs.yml b/packages/pulse_connect_secure/data_stream/log/fields/ecs.yml index de716d943d0..1c91171de90 100644 --- a/packages/pulse_connect_secure/data_stream/log/fields/ecs.yml +++ b/packages/pulse_connect_secure/data_stream/log/fields/ecs.yml 
@@ -24,10 +24,8 @@ name: client.geo.country_iso_code - external: ecs name: client.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: client.geo.location - type: geo_point - external: ecs name: source.as.number - external: ecs @@ -44,10 +42,8 @@ name: source.geo.city_name - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: client.ip - external: ecs @@ -100,10 +96,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.ip - external: ecs diff --git a/packages/pulse_connect_secure/manifest.yml b/packages/pulse_connect_secure/manifest.yml index 7ce29c0925e..560315359ac 100644 --- a/packages/pulse_connect_secure/manifest.yml +++ b/packages/pulse_connect_secure/manifest.yml @@ -1,6 +1,6 @@ name: pulse_connect_secure title: Pulse Connect Secure -version: "1.2.1" +version: "1.2.2" release: ga description: Collect logs from Pulse Connect Secure with Elastic Agent. type: integration diff --git a/packages/qnap_nas/changelog.yml b/packages/qnap_nas/changelog.yml index 8fa87c78340..6bd4b57d923 100644 --- a/packages/qnap_nas/changelog.yml +++ b/packages/qnap_nas/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.4.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "1.4.0" changes: - description: Update package to ECS 8.4.0 diff --git a/packages/qnap_nas/data_stream/log/fields/ecs.yml b/packages/qnap_nas/data_stream/log/fields/ecs.yml index 0c72fccafe0..188ab8012b7 100644 --- a/packages/qnap_nas/data_stream/log/fields/ecs.yml +++ b/packages/qnap_nas/data_stream/log/fields/ecs.yml 
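Review bot: `source.geo.location` is declared twice in packages/pulse_connect_secure/data_stream/log/fields/ecs.yml: the hunk at `@@ -44,10 +42,8 @@` and the hunk at `@@ -100,10 +96,8 @@` both end up as `- external: ecs` followed by `name: source.geo.location`. The duplication predates this commit, but now that both entries resolve to the same ECS definition the second one adds nothing, and a repeated name in one fields file makes it harder to see which entry governs the `geo_point` mapping that geo-based queries rely on. I would drop one of the two entries here, keeping the one that sits next to `source.ip`. The context lines show `source.geo.country_name` repeated in the same two blocks, so the earlier block may be removable as a whole; that needs a check against the full file, which these hunks do not show.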
@@ -38,10 +38,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.region_iso_code - external: ecs diff --git a/packages/qnap_nas/manifest.yml b/packages/qnap_nas/manifest.yml index b630fa23985..7d02ba2d5f7 100644 --- a/packages/qnap_nas/manifest.yml +++ b/packages/qnap_nas/manifest.yml @@ -1,6 +1,6 @@ name: qnap_nas title: QNAP NAS -version: "1.4.0" +version: "1.4.1" release: ga description: Collect logs from QNAP NAS devices with Elastic Agent. type: integration diff --git a/packages/radware/changelog.yml b/packages/radware/changelog.yml index b4aa87665ac..1f22b67e215 100644 --- a/packages/radware/changelog.yml +++ b/packages/radware/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.9.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "0.9.0" changes: - description: Update package to ECS 8.4.0 diff --git a/packages/radware/data_stream/defensepro/fields/ecs.yml b/packages/radware/data_stream/defensepro/fields/ecs.yml index 1da8c39a341..fd1b4594e68 100644 --- a/packages/radware/data_stream/defensepro/fields/ecs.yml +++ b/packages/radware/data_stream/defensepro/fields/ecs.yml @@ -22,10 +22,8 @@ name: destination.geo.city_name - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.ip - external: ecs @@ -186,10 +184,8 @@ name: source.geo.city_name - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.ip - external: ecs 
diff --git a/packages/radware/manifest.yml b/packages/radware/manifest.yml index a7c32e5f180..ad16884a7ba 100644 --- a/packages/radware/manifest.yml +++ b/packages/radware/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: radware title: Radware DefensePro Logs -version: "0.9.0" +version: "0.9.1" description: Collect defensePro logs from Radware devices with Elastic Agent. categories: ["security"] release: experimental diff --git a/packages/squid/changelog.yml b/packages/squid/changelog.yml index 558943375b8..1b311f2dcda 100644 --- a/packages/squid/changelog.yml +++ b/packages/squid/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.10.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "0.10.0" changes: - description: Update package to ECS 8.4.0 diff --git a/packages/squid/data_stream/log/fields/ecs.yml b/packages/squid/data_stream/log/fields/ecs.yml index 20e5a824aed..0efc8093c7f 100644 --- a/packages/squid/data_stream/log/fields/ecs.yml +++ b/packages/squid/data_stream/log/fields/ecs.yml @@ -26,10 +26,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.region_iso_code - external: ecs @@ -194,10 +192,8 @@ name: source.geo.city_name - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.ip - external: ecs diff --git a/packages/squid/manifest.yml b/packages/squid/manifest.yml index acd54eb9728..c92406441f5 100644 --- a/packages/squid/manifest.yml +++ b/packages/squid/manifest.yml 
@@ -1,7 +1,7 @@ format_version: 1.0.0 name: squid title: Squid Logs -version: "0.10.0" +version: "0.10.1" description: Collect and parse logs from Squid devices with Elastic Agent. categories: ["security"] release: experimental diff --git a/packages/suricata/changelog.yml b/packages/suricata/changelog.yml index 17093b428c3..7aa6583b550 100644 --- a/packages/suricata/changelog.yml +++ b/packages/suricata/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.4.2" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "2.4.1" changes: - description: Remove unused visualizations diff --git a/packages/suricata/data_stream/eve/fields/ecs.yml b/packages/suricata/data_stream/eve/fields/ecs.yml index fa6d117c34f..3058aeaa1d3 100644 --- a/packages/suricata/data_stream/eve/fields/ecs.yml +++ b/packages/suricata/data_stream/eve/fields/ecs.yml @@ -18,10 +18,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.region_iso_code - external: ecs @@ -100,10 +98,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.region_iso_code - external: ecs diff --git a/packages/suricata/manifest.yml b/packages/suricata/manifest.yml index 4a32f331363..cb8c329d816 100644 --- a/packages/suricata/manifest.yml +++ b/packages/suricata/manifest.yml @@ -1,6 +1,6 @@ name: suricata title: Suricata -version: 2.4.1 +version: 2.4.2 release: ga description: Collect logs from Suricata with Elastic Agent. type: integration 
diff --git a/packages/tomcat/changelog.yml b/packages/tomcat/changelog.yml index fe0c789e80e..22a81e20638 100644 --- a/packages/tomcat/changelog.yml +++ b/packages/tomcat/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.6.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "1.6.0" changes: - description: Update package to ECS 8.4.0 diff --git a/packages/tomcat/data_stream/log/fields/ecs.yml b/packages/tomcat/data_stream/log/fields/ecs.yml index 384fbb680e5..31bb5a5f2cf 100644 --- a/packages/tomcat/data_stream/log/fields/ecs.yml +++ b/packages/tomcat/data_stream/log/fields/ecs.yml @@ -24,10 +24,8 @@ name: destination.geo.city_name - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.ip - external: ecs @@ -190,10 +188,8 @@ name: source.geo.city_name - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.ip - external: ecs diff --git a/packages/tomcat/manifest.yml b/packages/tomcat/manifest.yml index e42e731ba54..4f5f051564a 100644 --- a/packages/tomcat/manifest.yml +++ b/packages/tomcat/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: tomcat title: Apache Tomcat -version: "1.6.0" +version: "1.6.1" description: Collect and parse logs from Apache Tomcat servers with Elastic Agent. categories: ["web", "security"] release: ga diff --git a/packages/zeek/changelog.yml b/packages/zeek/changelog.yml index c0af0e1b941..d402688aafc 100644 --- a/packages/zeek/changelog.yml +++ b/packages/zeek/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.5.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "2.5.0" changes: - description: Add threat.indicator handling diff --git a/packages/zeek/data_stream/connection/fields/ecs.yml b/packages/zeek/data_stream/connection/fields/ecs.yml index f74955ccbab..7190d459153 100644 --- a/packages/zeek/data_stream/connection/fields/ecs.yml +++ b/packages/zeek/data_stream/connection/fields/ecs.yml @@ -14,10 +14,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -82,10 +80,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/zeek/data_stream/dce_rpc/fields/ecs.yml b/packages/zeek/data_stream/dce_rpc/fields/ecs.yml index 81efb6bffbb..1030ff048de 100644 --- a/packages/zeek/data_stream/dce_rpc/fields/ecs.yml +++ b/packages/zeek/data_stream/dce_rpc/fields/ecs.yml @@ -14,10 +14,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -72,10 +70,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs 
diff --git a/packages/zeek/data_stream/dnp3/fields/ecs.yml b/packages/zeek/data_stream/dnp3/fields/ecs.yml index 81efb6bffbb..1030ff048de 100644 --- a/packages/zeek/data_stream/dnp3/fields/ecs.yml +++ b/packages/zeek/data_stream/dnp3/fields/ecs.yml @@ -14,10 +14,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -72,10 +70,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/zeek/data_stream/dns/fields/ecs.yml b/packages/zeek/data_stream/dns/fields/ecs.yml index b183a600a17..324adb39afa 100644 --- a/packages/zeek/data_stream/dns/fields/ecs.yml +++ b/packages/zeek/data_stream/dns/fields/ecs.yml @@ -12,10 +12,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -106,10 +104,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/zeek/data_stream/dpd/fields/ecs.yml b/packages/zeek/data_stream/dpd/fields/ecs.yml index 8d82c4322c6..cb9932df2e8 100644 --- a/packages/zeek/data_stream/dpd/fields/ecs.yml +++ b/packages/zeek/data_stream/dpd/fields/ecs.yml 
@@ -12,10 +12,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -64,10 +62,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/zeek/data_stream/ftp/fields/ecs.yml b/packages/zeek/data_stream/ftp/fields/ecs.yml index c6e37463e57..aa67192d8ae 100644 --- a/packages/zeek/data_stream/ftp/fields/ecs.yml +++ b/packages/zeek/data_stream/ftp/fields/ecs.yml @@ -12,10 +12,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -74,10 +72,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/zeek/data_stream/http/fields/ecs.yml b/packages/zeek/data_stream/http/fields/ecs.yml index 5709043125d..1174cd9a853 100644 --- a/packages/zeek/data_stream/http/fields/ecs.yml +++ b/packages/zeek/data_stream/http/fields/ecs.yml @@ -12,10 +12,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs 
@@ -82,10 +80,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/zeek/data_stream/intel/fields/ecs.yml b/packages/zeek/data_stream/intel/fields/ecs.yml index 5f3f3f96e73..095b643de7b 100644 --- a/packages/zeek/data_stream/intel/fields/ecs.yml +++ b/packages/zeek/data_stream/intel/fields/ecs.yml @@ -12,10 +12,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -60,10 +58,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/zeek/data_stream/irc/fields/ecs.yml b/packages/zeek/data_stream/irc/fields/ecs.yml index e93d9d0a360..8949df49069 100644 --- a/packages/zeek/data_stream/irc/fields/ecs.yml +++ b/packages/zeek/data_stream/irc/fields/ecs.yml @@ -12,10 +12,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -76,10 +74,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs 
diff --git a/packages/zeek/data_stream/kerberos/fields/ecs.yml b/packages/zeek/data_stream/kerberos/fields/ecs.yml index b0571d72cd2..19ad2cf9f18 100644 --- a/packages/zeek/data_stream/kerberos/fields/ecs.yml +++ b/packages/zeek/data_stream/kerberos/fields/ecs.yml @@ -14,10 +14,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -76,10 +74,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/zeek/data_stream/modbus/fields/ecs.yml b/packages/zeek/data_stream/modbus/fields/ecs.yml index 9a90a894bfc..2eaf379e2af 100644 --- a/packages/zeek/data_stream/modbus/fields/ecs.yml +++ b/packages/zeek/data_stream/modbus/fields/ecs.yml @@ -12,10 +12,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -70,10 +68,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/zeek/data_stream/mysql/fields/ecs.yml b/packages/zeek/data_stream/mysql/fields/ecs.yml index 9a90a894bfc..2eaf379e2af 100644 --- a/packages/zeek/data_stream/mysql/fields/ecs.yml +++ b/packages/zeek/data_stream/mysql/fields/ecs.yml 
@@ -12,10 +12,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -70,10 +68,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/zeek/data_stream/notice/fields/ecs.yml b/packages/zeek/data_stream/notice/fields/ecs.yml index f65bf4ac73c..6b027b0238b 100644 --- a/packages/zeek/data_stream/notice/fields/ecs.yml +++ b/packages/zeek/data_stream/notice/fields/ecs.yml @@ -12,10 +12,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -72,10 +70,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/zeek/data_stream/ntlm/fields/ecs.yml b/packages/zeek/data_stream/ntlm/fields/ecs.yml index 09d99f4edae..db15eb55bc9 100644 --- a/packages/zeek/data_stream/ntlm/fields/ecs.yml +++ b/packages/zeek/data_stream/ntlm/fields/ecs.yml @@ -12,10 +12,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs 
@@ -72,10 +70,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/zeek/data_stream/radius/fields/ecs.yml b/packages/zeek/data_stream/radius/fields/ecs.yml index f5ec185863d..faa5fe04ae7 100644 --- a/packages/zeek/data_stream/radius/fields/ecs.yml +++ b/packages/zeek/data_stream/radius/fields/ecs.yml @@ -12,10 +12,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -70,10 +68,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/zeek/data_stream/rdp/fields/ecs.yml b/packages/zeek/data_stream/rdp/fields/ecs.yml index 30cd99f0657..c604af1476b 100644 --- a/packages/zeek/data_stream/rdp/fields/ecs.yml +++ b/packages/zeek/data_stream/rdp/fields/ecs.yml @@ -12,10 +12,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -66,10 +64,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs 
diff --git a/packages/zeek/data_stream/rfb/fields/ecs.yml b/packages/zeek/data_stream/rfb/fields/ecs.yml index ec8469ad616..e135cb15964 100644 --- a/packages/zeek/data_stream/rfb/fields/ecs.yml +++ b/packages/zeek/data_stream/rfb/fields/ecs.yml @@ -12,10 +12,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -66,10 +64,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/zeek/data_stream/sip/fields/ecs.yml b/packages/zeek/data_stream/sip/fields/ecs.yml index e11680e2ac8..1adb281acc2 100644 --- a/packages/zeek/data_stream/sip/fields/ecs.yml +++ b/packages/zeek/data_stream/sip/fields/ecs.yml @@ -12,10 +12,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -70,10 +68,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/zeek/data_stream/smb_cmd/fields/ecs.yml b/packages/zeek/data_stream/smb_cmd/fields/ecs.yml index e15f8b2f76f..092743cda0e 100644 --- a/packages/zeek/data_stream/smb_cmd/fields/ecs.yml +++ b/packages/zeek/data_stream/smb_cmd/fields/ecs.yml 
@@ -12,10 +12,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -72,10 +70,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/zeek/data_stream/smb_files/fields/ecs.yml b/packages/zeek/data_stream/smb_files/fields/ecs.yml index 1745a32cd5f..f58f10d4bd4 100644 --- a/packages/zeek/data_stream/smb_files/fields/ecs.yml +++ b/packages/zeek/data_stream/smb_files/fields/ecs.yml @@ -12,10 +12,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -84,10 +82,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/zeek/data_stream/smb_mapping/fields/ecs.yml b/packages/zeek/data_stream/smb_mapping/fields/ecs.yml index 7147180ac12..296824b143e 100644 --- a/packages/zeek/data_stream/smb_mapping/fields/ecs.yml +++ b/packages/zeek/data_stream/smb_mapping/fields/ecs.yml @@ -12,10 +12,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs 
@@ -68,10 +66,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/zeek/data_stream/smtp/fields/ecs.yml b/packages/zeek/data_stream/smtp/fields/ecs.yml index 30cd99f0657..c604af1476b 100644 --- a/packages/zeek/data_stream/smtp/fields/ecs.yml +++ b/packages/zeek/data_stream/smtp/fields/ecs.yml @@ -12,10 +12,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -66,10 +64,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/zeek/data_stream/snmp/fields/ecs.yml b/packages/zeek/data_stream/snmp/fields/ecs.yml index ec8469ad616..e135cb15964 100644 --- a/packages/zeek/data_stream/snmp/fields/ecs.yml +++ b/packages/zeek/data_stream/snmp/fields/ecs.yml @@ -12,10 +12,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -66,10 +64,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs 
diff --git a/packages/zeek/data_stream/socks/fields/ecs.yml b/packages/zeek/data_stream/socks/fields/ecs.yml index 386cec39d8a..e185fe8edee 100644 --- a/packages/zeek/data_stream/socks/fields/ecs.yml +++ b/packages/zeek/data_stream/socks/fields/ecs.yml @@ -12,10 +12,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -68,10 +66,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/zeek/data_stream/ssh/fields/ecs.yml b/packages/zeek/data_stream/ssh/fields/ecs.yml index 8dcb36c3b63..f5f1457bdb1 100644 --- a/packages/zeek/data_stream/ssh/fields/ecs.yml +++ b/packages/zeek/data_stream/ssh/fields/ecs.yml @@ -12,10 +12,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -68,10 +66,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/zeek/data_stream/ssl/fields/ecs.yml b/packages/zeek/data_stream/ssl/fields/ecs.yml index 6aa9ef6b90c..446c23ddf95 100644 --- a/packages/zeek/data_stream/ssl/fields/ecs.yml +++ b/packages/zeek/data_stream/ssl/fields/ecs.yml 
@@ -14,10 +14,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -70,10 +68,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/zeek/data_stream/syslog/fields/ecs.yml b/packages/zeek/data_stream/syslog/fields/ecs.yml index 59191857bc6..81e8dbcff40 100644 --- a/packages/zeek/data_stream/syslog/fields/ecs.yml +++ b/packages/zeek/data_stream/syslog/fields/ecs.yml @@ -12,10 +12,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -68,10 +66,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/zeek/data_stream/traceroute/fields/ecs.yml b/packages/zeek/data_stream/traceroute/fields/ecs.yml index 3cc612d788a..26812616354 100644 --- a/packages/zeek/data_stream/traceroute/fields/ecs.yml +++ b/packages/zeek/data_stream/traceroute/fields/ecs.yml @@ -12,10 +12,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs 
@@ -58,10 +56,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/zeek/data_stream/tunnel/fields/ecs.yml b/packages/zeek/data_stream/tunnel/fields/ecs.yml index 00835dedf9c..58a57491543 100644 --- a/packages/zeek/data_stream/tunnel/fields/ecs.yml +++ b/packages/zeek/data_stream/tunnel/fields/ecs.yml @@ -12,10 +12,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -62,10 +60,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/zeek/data_stream/weird/fields/ecs.yml b/packages/zeek/data_stream/weird/fields/ecs.yml index 8e984c513f4..64b55a63efd 100644 --- a/packages/zeek/data_stream/weird/fields/ecs.yml +++ b/packages/zeek/data_stream/weird/fields/ecs.yml @@ -12,10 +12,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -60,10 +58,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/zeek/manifest.yml b/packages/zeek/manifest.yml index 29355bd613c..de4c3797044 100644 
--- a/packages/zeek/manifest.yml +++ b/packages/zeek/manifest.yml @@ -1,6 +1,6 @@ name: zeek title: Zeek -version: 2.5.0 +version: 2.5.1 release: ga description: Collect logs from Zeek with Elastic Agent. type: integration diff --git a/packages/zscaler_zia/changelog.yml b/packages/zscaler_zia/changelog.yml index fc35243b00b..69a5acfc4cc 100644 --- a/packages/zscaler_zia/changelog.yml +++ b/packages/zscaler_zia/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.4.2" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "2.4.1" changes: - description: Remap network.protocol to valid values for web data stream. diff --git a/packages/zscaler_zia/manifest.yml b/packages/zscaler_zia/manifest.yml index 1b3e0b22dcc..fab97a06fc8 100644 --- a/packages/zscaler_zia/manifest.yml +++ b/packages/zscaler_zia/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: zscaler_zia title: Zscaler Internet Access -version: 2.4.1 +version: 2.4.2 license: basic description: Collect logs from Zscaler Internet Access (ZIA) with Elastic Agent. type: integration diff --git a/packages/zscaler_zpa/changelog.yml b/packages/zscaler_zpa/changelog.yml index eedcc5787ff..4cacf518980 100644 --- a/packages/zscaler_zpa/changelog.yml +++ b/packages/zscaler_zpa/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.2.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "1.2.0" changes: - description: Update package to ECS 8.4.0 diff --git a/packages/zscaler_zpa/data_stream/audit/fields/ecs.yml b/packages/zscaler_zpa/data_stream/audit/fields/ecs.yml index db646bab41a..95eeed54385 100644 --- a/packages/zscaler_zpa/data_stream/audit/fields/ecs.yml +++ b/packages/zscaler_zpa/data_stream/audit/fields/ecs.yml 
@@ -12,10 +12,8 @@ name: observer.geo.city_name - external: ecs name: observer.geo.country_name -- description: Longitude and latitude. - level: core +- external: ecs name: observer.geo.location - type: geo_point - external: ecs name: organization.id - external: ecs diff --git a/packages/zscaler_zpa/data_stream/user_activity/fields/ecs.yml b/packages/zscaler_zpa/data_stream/user_activity/fields/ecs.yml index e962c22ab2f..b992a363c9f 100644 --- a/packages/zscaler_zpa/data_stream/user_activity/fields/ecs.yml +++ b/packages/zscaler_zpa/data_stream/user_activity/fields/ecs.yml @@ -1,9 +1,7 @@ - external: ecs name: client.geo.country_iso_code -- description: Longitude and latitude. - level: core +- external: ecs name: client.geo.location - type: geo_point - external: ecs name: client.ip - external: ecs diff --git a/packages/zscaler_zpa/data_stream/user_status/fields/ecs.yml b/packages/zscaler_zpa/data_stream/user_status/fields/ecs.yml index 7eb11b68a46..8eef7bf2f1f 100644 --- a/packages/zscaler_zpa/data_stream/user_status/fields/ecs.yml +++ b/packages/zscaler_zpa/data_stream/user_status/fields/ecs.yml @@ -1,9 +1,7 @@ - external: ecs name: client.geo.country_iso_code -- description: Longitude and latitude. - level: core +- external: ecs name: client.geo.location - type: geo_point - external: ecs name: client.ip - external: ecs @@ -12,10 +10,8 @@ name: organization.name - external: ecs name: server.geo.country_iso_code -- description: Longitude and latitude. - level: core +- external: ecs name: server.geo.location - type: geo_point - external: ecs name: related.hosts - external: ecs diff --git a/packages/zscaler_zpa/manifest.yml b/packages/zscaler_zpa/manifest.yml index 08029ebbf8c..d4713fec29d 100644 --- a/packages/zscaler_zpa/manifest.yml +++ b/packages/zscaler_zpa/manifest.yml 
@@ -1,7 +1,7 @@ format_version: 1.0.0 name: zscaler_zpa title: "Zscaler Private Access" -version: "1.2.0" +version: "1.2.1" license: basic description: Collect logs from Zscaler Private Access (ZPA) with Elastic Agent. type: integration From 6eb77639e28213d34fa6ffbcd2f39548e2cd3a2a Mon Sep 17 00:00:00 2001 From: Dan Kortschak Date: Mon, 19 Sep 2022 19:11:48 +0930 Subject: [PATCH 2/3] address pr comments --- packages/akamai/data_stream/siem/fields/ecs.yml | 4 +--- packages/cloudflare/data_stream/audit/fields/ecs.yml | 4 +--- .../cloudflare/data_stream/logpull/fields/ecs.yml | 12 +++--------- .../data_stream/log/fields/ecs.yml | 2 -- packages/zscaler_zia/changelog.yml | 5 ----- packages/zscaler_zia/manifest.yml | 2 +- 6 files changed, 6 insertions(+), 23 deletions(-) diff --git a/packages/akamai/data_stream/siem/fields/ecs.yml b/packages/akamai/data_stream/siem/fields/ecs.yml index 873e83ac383..18dabd4e181 100644 --- a/packages/akamai/data_stream/siem/fields/ecs.yml +++ b/packages/akamai/data_stream/siem/fields/ecs.yml @@ -71,9 +71,7 @@ - name: source.geo.country_name external: ecs - name: source.geo.location - description: Longitude and latitude. - example: '{ "lon": -73.614830, "lat": 45.505918 }' - type: geo_point + external: ecs - name: source.geo.name external: ecs - name: source.geo.region_iso_code diff --git a/packages/cloudflare/data_stream/audit/fields/ecs.yml b/packages/cloudflare/data_stream/audit/fields/ecs.yml index f80e416704b..2753c4e415e 100644 --- a/packages/cloudflare/data_stream/audit/fields/ecs.yml +++ b/packages/cloudflare/data_stream/audit/fields/ecs.yml @@ -33,9 +33,7 @@ - name: source.geo.country_name external: ecs - name: source.geo.location - description: Longitude and latitude. - example: '{ "lon": -73.614830, "lat": 45.505918 }' - type: geo_point + external: ecs - name: source.geo.name external: ecs - name: source.geo.region_iso_code 
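Review bot: The `source.geo.location` change in cloudflare's audit `ecs.yml`, and the three `*.geo.location` changes in logpull that follow, come with no cloudflare `changelog.yml` entry or `manifest.yml` bump in patch 2/3's diffstat. The four google_workspace data streams changed in patch 3/3 (groups, login, saml, user_accounts) are in the same position. This is fine if patch 1/3 already bumped both packages, as it did for zscaler_zpa (1.2.1 in 1/3, more data streams in 3/3), but that part of 1/3 is not visible here and should be confirmed. If it did not, each package needs the entry the others carry, `- description: Use ECS geo.location definition.` with `type: enhancement` and the issue link, plus a patch-level version bump. That way anyone tracing a mapping change on a geo_point field can tie it to a package version.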
diff --git a/packages/cloudflare/data_stream/logpull/fields/ecs.yml b/packages/cloudflare/data_stream/logpull/fields/ecs.yml index 0b84afe75a4..a85f3623a0d 100644 --- a/packages/cloudflare/data_stream/logpull/fields/ecs.yml +++ b/packages/cloudflare/data_stream/logpull/fields/ecs.yml @@ -43,9 +43,7 @@ - name: destination.geo.country_name external: ecs - name: destination.geo.location - description: Longitude and latitude. - example: '{ "lon": -73.614830, "lat": 45.505918 }' - type: geo_point + external: ecs - name: destination.geo.name external: ecs - name: destination.geo.region_iso_code @@ -109,9 +107,7 @@ - name: source.geo.country_name external: ecs - name: source.geo.location - description: Longitude and latitude. - example: '{ "lon": -73.614830, "lat": 45.505918 }' - type: geo_point + external: ecs - name: source.geo.name external: ecs - name: source.geo.region_iso_code @@ -215,9 +211,7 @@ - name: observer.geo.region_iso_code external: ecs - name: observer.geo.location - description: Longitude and latitude. - example: '{ "lon": -73.614830, "lat": 45.505918 }' - type: geo_point + external: ecs - name: observer.geo.region_name external: ecs - name: observer.ip diff --git a/packages/pulse_connect_secure/data_stream/log/fields/ecs.yml b/packages/pulse_connect_secure/data_stream/log/fields/ecs.yml index 1c91171de90..62e8d28706d 100644 --- a/packages/pulse_connect_secure/data_stream/log/fields/ecs.yml +++ b/packages/pulse_connect_secure/data_stream/log/fields/ecs.yml @@ -42,8 +42,6 @@ name: source.geo.city_name - external: ecs name: source.geo.country_name -- external: ecs - name: source.geo.location - external: ecs name: client.ip - external: ecs diff --git a/packages/zscaler_zia/changelog.yml b/packages/zscaler_zia/changelog.yml index 69a5acfc4cc..fc35243b00b 100644 --- a/packages/zscaler_zia/changelog.yml +++ b/packages/zscaler_zia/changelog.yml 
@@ -1,9 +1,4 @@ # newer versions go on top -- version: "2.4.2" - changes: - - description: Use ECS geo.location definition. - type: enhancement - link: https://github.com/elastic/integrations/issues/4227 - version: "2.4.1" changes: - description: Remap network.protocol to valid values for web data stream. diff --git a/packages/zscaler_zia/manifest.yml b/packages/zscaler_zia/manifest.yml index fab97a06fc8..1b3e0b22dcc 100644 --- a/packages/zscaler_zia/manifest.yml +++ b/packages/zscaler_zia/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: zscaler_zia title: Zscaler Internet Access -version: 2.4.2 +version: 2.4.1 license: basic description: Collect logs from Zscaler Internet Access (ZIA) with Elastic Agent. type: integration From a17772cb49b42a0b07936d31d7a9955651c01374 Mon Sep 17 00:00:00 2001 
From: Dan Kortschak Date: Mon, 19 Sep 2022 19:43:56 +0930 Subject: [PATCH 3/3] add missed packages --- packages/atlassian_bitbucket/changelog.yml | 5 +++++ .../atlassian_bitbucket/data_stream/audit/fields/ecs.yml | 4 +--- packages/atlassian_bitbucket/manifest.yml | 2 +- packages/cisco_duo/changelog.yml | 5 +++++ packages/cisco_duo/data_stream/auth/fields/ecs.yml | 6 ++---- packages/cisco_duo/manifest.yml | 2 +- .../google_workspace/data_stream/groups/fields/ecs.yml | 6 ++---- .../google_workspace/data_stream/login/fields/ecs.yml | 6 ++---- packages/google_workspace/data_stream/saml/fields/ecs.yml | 6 ++---- .../data_stream/user_accounts/fields/ecs.yml | 6 ++---- packages/keycloak/changelog.yml | 5 +++++ packages/keycloak/data_stream/log/fields/ecs.yml | 4 +--- packages/keycloak/manifest.yml | 2 +- packages/mattermost/changelog.yml | 5 +++++ packages/mattermost/data_stream/audit/fields/ecs.yml | 4 +--- packages/mattermost/manifest.yml | 2 +- packages/netskope/changelog.yml | 5 +++++ packages/netskope/data_stream/alerts/fields/ecs.yml | 6 ++---- packages/netskope/data_stream/events/fields/ecs.yml | 6 ++---- packages/netskope/manifest.yml | 2 +- packages/panw_cortex_xdr/changelog.yml | 5 +++++ .../panw_cortex_xdr/data_stream/alerts/fields/ecs.yml | 8 ++------ packages/panw_cortex_xdr/manifest.yml | 2 +- packages/slack/changelog.yml | 5 +++++ packages/slack/data_stream/audit/fields/ecs.yml | 4 +--- packages/slack/manifest.yml | 2 +- packages/sophos/changelog.yml | 5 +++++ packages/sophos/data_stream/utm/fields/ecs.yml | 6 ++---- packages/sophos/data_stream/xg/fields/ecs.yml | 6 ++---- packages/sophos/manifest.yml | 2 +- .../data_stream/app_connector_status/fields/ecs.yml | 3 +-- .../zscaler_zpa/data_stream/browser_access/fields/ecs.yml | 3 +-- packages/zscaler_zpa/docs/README.md | 4 ++-- 33 files changed, 76 insertions(+), 68 deletions(-) 
diff --git a/packages/atlassian_bitbucket/changelog.yml b/packages/atlassian_bitbucket/changelog.yml index 79262e070c1..f5f7384cfb2 100644 --- a/packages/atlassian_bitbucket/changelog.yml +++ b/packages/atlassian_bitbucket/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.4.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "1.4.0" changes: - description: Update package to ECS 8.4.0 diff --git a/packages/atlassian_bitbucket/data_stream/audit/fields/ecs.yml b/packages/atlassian_bitbucket/data_stream/audit/fields/ecs.yml index 60d7aabde36..97d95f430af 100644 --- a/packages/atlassian_bitbucket/data_stream/audit/fields/ecs.yml +++ b/packages/atlassian_bitbucket/data_stream/audit/fields/ecs.yml @@ -49,9 +49,7 @@ - name: source.geo.country_name external: ecs - name: source.geo.location - description: Longitude and latitude. - example: '{ "lon": -73.614830, "lat": 45.505918 }' - type: geo_point + external: ecs - name: source.geo.name external: ecs - name: source.geo.region_iso_code diff --git a/packages/atlassian_bitbucket/manifest.yml b/packages/atlassian_bitbucket/manifest.yml index 43bb50266e1..b1488caa382 100644 --- a/packages/atlassian_bitbucket/manifest.yml +++ b/packages/atlassian_bitbucket/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: atlassian_bitbucket title: Atlassian Bitbucket -version: "1.4.0" +version: "1.4.1" license: basic description: Collect logs from Atlassian Bitbucket with Elastic Agent. type: integration diff --git a/packages/cisco_duo/changelog.yml b/packages/cisco_duo/changelog.yml index 3d41a0988d8..14901da7583 100644 --- a/packages/cisco_duo/changelog.yml +++ b/packages/cisco_duo/changelog.yml 
@@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.5.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "1.5.0" changes: - description: Update package to ECS 8.4.0 diff --git a/packages/cisco_duo/data_stream/auth/fields/ecs.yml b/packages/cisco_duo/data_stream/auth/fields/ecs.yml index c5b4991d883..9293f31c0c9 100644 --- a/packages/cisco_duo/data_stream/auth/fields/ecs.yml +++ b/packages/cisco_duo/data_stream/auth/fields/ecs.yml @@ -44,10 +44,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- name: source.geo.location - level: core - type: geo_point - description: Longitude and latitude. +- external: ecs + name: source.geo.location - external: ecs name: source.geo.region_iso_code - external: ecs diff --git a/packages/cisco_duo/manifest.yml b/packages/cisco_duo/manifest.yml index 88ffdf99582..30fa4f35ac4 100644 --- a/packages/cisco_duo/manifest.yml +++ b/packages/cisco_duo/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: cisco_duo title: Cisco Duo -version: "1.5.0" +version: "1.5.1" license: basic description: Collect logs from Cisco Duo with Elastic Agent. type: integration diff --git a/packages/google_workspace/data_stream/groups/fields/ecs.yml b/packages/google_workspace/data_stream/groups/fields/ecs.yml index bbc5a2dd20c..5770f08422e 100644 --- a/packages/google_workspace/data_stream/groups/fields/ecs.yml +++ b/packages/google_workspace/data_stream/groups/fields/ecs.yml @@ -62,10 +62,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- name: source.geo.location - level: core - type: geo_point - description: Longitude and latitude. +- external: ecs + name: source.geo.location - external: ecs name: source.geo.region_iso_code - external: ecs 
diff --git a/packages/google_workspace/data_stream/login/fields/ecs.yml b/packages/google_workspace/data_stream/login/fields/ecs.yml index bbc5a2dd20c..5770f08422e 100644 --- a/packages/google_workspace/data_stream/login/fields/ecs.yml +++ b/packages/google_workspace/data_stream/login/fields/ecs.yml @@ -62,10 +62,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- name: source.geo.location - level: core - type: geo_point - description: Longitude and latitude. +- external: ecs + name: source.geo.location - external: ecs name: source.geo.region_iso_code - external: ecs diff --git a/packages/google_workspace/data_stream/saml/fields/ecs.yml b/packages/google_workspace/data_stream/saml/fields/ecs.yml index bbc5a2dd20c..5770f08422e 100644 --- a/packages/google_workspace/data_stream/saml/fields/ecs.yml +++ b/packages/google_workspace/data_stream/saml/fields/ecs.yml @@ -62,10 +62,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- name: source.geo.location - level: core - type: geo_point - description: Longitude and latitude. +- external: ecs + name: source.geo.location - external: ecs name: source.geo.region_iso_code - external: ecs diff --git a/packages/google_workspace/data_stream/user_accounts/fields/ecs.yml b/packages/google_workspace/data_stream/user_accounts/fields/ecs.yml index bbc5a2dd20c..5770f08422e 100644 --- a/packages/google_workspace/data_stream/user_accounts/fields/ecs.yml +++ b/packages/google_workspace/data_stream/user_accounts/fields/ecs.yml @@ -62,10 +62,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- name: source.geo.location - level: core - type: geo_point - description: Longitude and latitude. +- external: ecs + name: source.geo.location - external: ecs name: source.geo.region_iso_code - external: ecs diff --git a/packages/keycloak/changelog.yml b/packages/keycloak/changelog.yml index d312ce4b321..b00d03589f3 100644 
--- a/packages/keycloak/changelog.yml +++ b/packages/keycloak/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.5.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "1.5.0" changes: - description: Update package to ECS 8.4.0 diff --git a/packages/keycloak/data_stream/log/fields/ecs.yml b/packages/keycloak/data_stream/log/fields/ecs.yml index 1fe4f525dfc..6d3428b27d2 100644 --- a/packages/keycloak/data_stream/log/fields/ecs.yml +++ b/packages/keycloak/data_stream/log/fields/ecs.yml @@ -45,9 +45,7 @@ - name: source.geo.country_name external: ecs - name: source.geo.location - description: Longitude and latitude. - example: '{ "lon": -73.614830, "lat": 45.505918 }' - type: geo_point + external: ecs - name: source.geo.name external: ecs - name: source.geo.region_iso_code diff --git a/packages/keycloak/manifest.yml b/packages/keycloak/manifest.yml index 7971e4597f4..73e9d0dcd52 100644 --- a/packages/keycloak/manifest.yml +++ b/packages/keycloak/manifest.yml @@ -1,6 +1,6 @@ name: keycloak title: Keycloak -version: "1.5.0" +version: "1.5.1" release: ga description: Collect logs from Keycloak with Elastic Agent. type: integration diff --git a/packages/mattermost/changelog.yml b/packages/mattermost/changelog.yml index 8a4e16047d3..4e013d9626d 100644 --- a/packages/mattermost/changelog.yml +++ b/packages/mattermost/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.4.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "1.4.0" changes: - description: Update package to ECS 8.4.0 diff --git a/packages/mattermost/data_stream/audit/fields/ecs.yml b/packages/mattermost/data_stream/audit/fields/ecs.yml index e51142dc94e..4ef73c50eee 100644 --- a/packages/mattermost/data_stream/audit/fields/ecs.yml 
+++ b/packages/mattermost/data_stream/audit/fields/ecs.yml @@ -33,9 +33,7 @@ - name: source.geo.country_name external: ecs - name: source.geo.location - description: Longitude and latitude. - example: '{ "lon": -73.614830, "lat": 45.505918 }' - type: geo_point + external: ecs - name: source.geo.name external: ecs - name: source.geo.region_iso_code diff --git a/packages/mattermost/manifest.yml b/packages/mattermost/manifest.yml index 766e7c618d8..99bdafbf6ea 100644 --- a/packages/mattermost/manifest.yml +++ b/packages/mattermost/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: mattermost title: "Mattermost" -version: 1.4.0 +version: 1.4.1 license: basic description: Collect logs from Mattermost with Elastic Agent. type: integration diff --git a/packages/netskope/changelog.yml b/packages/netskope/changelog.yml index 39424eb7267..165e4c2b842 100644 --- a/packages/netskope/changelog.yml +++ b/packages/netskope/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.3.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "1.3.0" changes: - description: Update package to ECS 8.4.0 diff --git a/packages/netskope/data_stream/alerts/fields/ecs.yml b/packages/netskope/data_stream/alerts/fields/ecs.yml index fd79c8e0e94..236d4b5eb7e 100644 --- a/packages/netskope/data_stream/alerts/fields/ecs.yml +++ b/packages/netskope/data_stream/alerts/fields/ecs.yml @@ -22,9 +22,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.postal_code - external: ecs 
@@ -75,9 +74,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.postal_code - external: ecs diff --git a/packages/netskope/data_stream/events/fields/ecs.yml b/packages/netskope/data_stream/events/fields/ecs.yml index 74357380c59..96f49724789 100644 --- a/packages/netskope/data_stream/events/fields/ecs.yml +++ b/packages/netskope/data_stream/events/fields/ecs.yml @@ -26,9 +26,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -91,9 +90,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.postal_code - external: ecs diff --git a/packages/netskope/manifest.yml b/packages/netskope/manifest.yml index da3ba674c32..ce3a82b3e65 100644 --- a/packages/netskope/manifest.yml +++ b/packages/netskope/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: netskope title: "Netskope" -version: "1.3.0" +version: "1.3.1" license: basic description: Collect logs from Netskope with Elastic Agent. type: integration diff --git a/packages/panw_cortex_xdr/changelog.yml b/packages/panw_cortex_xdr/changelog.yml index ae9cf7813aa..32dcb7a9f2d 100644 --- a/packages/panw_cortex_xdr/changelog.yml +++ b/packages/panw_cortex_xdr/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.4.2" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "1.4.1" changes: - description: Bugfix on rename processors with conditionals. 
diff --git a/packages/panw_cortex_xdr/data_stream/alerts/fields/ecs.yml b/packages/panw_cortex_xdr/data_stream/alerts/fields/ecs.yml index e303f5b2082..609c23c6a74 100644 --- a/packages/panw_cortex_xdr/data_stream/alerts/fields/ecs.yml +++ b/packages/panw_cortex_xdr/data_stream/alerts/fields/ecs.yml @@ -63,9 +63,7 @@ - name: destination.geo.region_name external: ecs - name: destination.geo.location - description: Longitude and latitude. - example: '{ "lon": -73.614830, "lat": 45.505918 }' - type: geo_point + external: ecs - name: source.ip external: ecs - name: source.port @@ -81,9 +79,7 @@ - name: source.geo.country_name external: ecs - name: source.geo.location - description: Longitude and latitude. - example: '{ "lon": -73.614830, "lat": 45.505918 }' - type: geo_point + external: ecs - name: process.hash.sha256 external: ecs - name: process.command_line diff --git a/packages/panw_cortex_xdr/manifest.yml b/packages/panw_cortex_xdr/manifest.yml index 74e5224a002..99bb1925988 100644 --- a/packages/panw_cortex_xdr/manifest.yml +++ b/packages/panw_cortex_xdr/manifest.yml @@ -1,6 +1,6 @@ name: panw_cortex_xdr title: Palo Alto Cortex XDR -version: 1.4.1 +version: 1.4.2 release: ga description: Collect logs from Palo Alto Cortex XDR with Elastic Agent. type: integration diff --git a/packages/slack/changelog.yml b/packages/slack/changelog.yml index 0774e828ae9..2aec9db38bc 100644 --- a/packages/slack/changelog.yml +++ b/packages/slack/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.1.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "0.1.0" changes: - description: Initial draft of the package diff --git a/packages/slack/data_stream/audit/fields/ecs.yml b/packages/slack/data_stream/audit/fields/ecs.yml index d900413439e..555c90df706 100644 --- a/packages/slack/data_stream/audit/fields/ecs.yml +++ b/packages/slack/data_stream/audit/fields/ecs.yml 
@@ -37,9 +37,7 @@ - name: source.geo.country_name external: ecs - name: source.geo.location - description: Longitude and latitude. - example: '{ "lon": -73.614830, "lat": 45.505918 }' - type: geo_point + external: ecs - name: source.geo.name external: ecs - name: source.geo.region_iso_code diff --git a/packages/slack/manifest.yml b/packages/slack/manifest.yml index 798678d9306..414612e62a3 100644 --- a/packages/slack/manifest.yml +++ b/packages/slack/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: slack title: "Slack Logs" -version: 0.1.0 +version: 0.1.1 license: basic description: "Slack Logs Integration" type: integration diff --git a/packages/sophos/changelog.yml b/packages/sophos/changelog.yml index 8b4ca2d7800..ef74396f6a9 100644 --- a/packages/sophos/changelog.yml +++ b/packages/sophos/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "2.4.1" + changes: + - description: Use ECS geo.location definition. + type: enhancement + link: https://github.com/elastic/integrations/issues/4227 - version: "2.4.0" changes: - description: Update package to ECS 8.4.0 diff --git a/packages/sophos/data_stream/utm/fields/ecs.yml b/packages/sophos/data_stream/utm/fields/ecs.yml index 8500697a629..fd1b4594e68 100644 --- a/packages/sophos/data_stream/utm/fields/ecs.yml +++ b/packages/sophos/data_stream/utm/fields/ecs.yml @@ -22,9 +22,8 @@ name: destination.geo.city_name - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.ip - external: ecs @@ -185,9 +184,8 @@ name: source.geo.city_name - external: ecs name: source.geo.country_name -- description: Longitude and latitude. +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.ip - external: ecs 
diff --git a/packages/sophos/data_stream/xg/fields/ecs.yml b/packages/sophos/data_stream/xg/fields/ecs.yml index d565ad2e0af..40af5c77b99 100644 --- a/packages/sophos/data_stream/xg/fields/ecs.yml +++ b/packages/sophos/data_stream/xg/fields/ecs.yml @@ -14,9 +14,8 @@ name: destination.geo.country_iso_code - external: ecs name: destination.geo.country_name -- description: Longitude and latitude. +- external: ecs name: destination.geo.location - type: geo_point - external: ecs name: destination.geo.name - external: ecs @@ -179,9 +178,8 @@ name: source.geo.country_iso_code - external: ecs name: source.geo.country_name -- description: Longitude and latitude. +- external: ecs name: source.geo.location - type: geo_point - external: ecs name: source.geo.name - external: ecs diff --git a/packages/sophos/manifest.yml b/packages/sophos/manifest.yml index 26210a611b6..6a9143f31f1 100644 --- a/packages/sophos/manifest.yml +++ b/packages/sophos/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: sophos title: Sophos -version: "2.4.0" +version: "2.4.1" description: Collect logs from Sophos with Elastic Agent. categories: ["security"] release: ga diff --git a/packages/zscaler_zpa/data_stream/app_connector_status/fields/ecs.yml b/packages/zscaler_zpa/data_stream/app_connector_status/fields/ecs.yml index a8da6f8b3d3..c41cbe223b8 100644 --- a/packages/zscaler_zpa/data_stream/app_connector_status/fields/ecs.yml +++ b/packages/zscaler_zpa/data_stream/app_connector_status/fields/ecs.yml @@ -12,9 +12,8 @@ name: host.cpu.usage - external: ecs name: observer.geo.country_iso_code -- description: Longitude and latitude +- external: ecs name: observer.geo.location - type: geo_point - external: ecs name: observer.egress.interface.name - external: ecs diff --git a/packages/zscaler_zpa/data_stream/browser_access/fields/ecs.yml b/packages/zscaler_zpa/data_stream/browser_access/fields/ecs.yml index f59d7cbe5e6..8cd7447c476 100644 
--- a/packages/zscaler_zpa/data_stream/browser_access/fields/ecs.yml +++ b/packages/zscaler_zpa/data_stream/browser_access/fields/ecs.yml @@ -10,9 +10,8 @@ name: client.geo.country_iso_code - external: ecs name: client.geo.region_iso_code -- description: Longitude and latitude +- external: ecs name: client.geo.location - type: geo_point - external: ecs name: client.geo.region_name - external: ecs diff --git a/packages/zscaler_zpa/docs/README.md b/packages/zscaler_zpa/docs/README.md index b643ebf6d1c..1972f57c659 100644 --- a/packages/zscaler_zpa/docs/README.md +++ b/packages/zscaler_zpa/docs/README.md @@ -166,7 +166,7 @@ Sample Response: | log.source.address | Source address from which the log event was read / sent from. | keyword | | observer.egress.interface.name | Interface name as reported by the system. | keyword | | observer.geo.country_iso_code | Country ISO code. | keyword | -| observer.geo.location | Longitude and latitude | geo_point | +| observer.geo.location | Longitude and latitude. | geo_point | | observer.ingress.interface.name | Interface name as reported by the system. | keyword | | observer.ip | IP addresses of the observer. | ip | | observer.os.platform | Operating system platform (such centos, ubuntu, windows). | keyword | @@ -530,7 +530,7 @@ An example event for `audit` looks as following: | client.geo.continent_name | Name of the continent. | keyword | | client.geo.country_iso_code | Country ISO code. | keyword | | client.geo.country_name | Country name. | keyword | -| client.geo.location | Longitude and latitude | geo_point | +| client.geo.location | Longitude and latitude. | geo_point | | client.geo.region_iso_code | Region ISO code. | keyword | | client.geo.region_name | Region name. | keyword | | client.ip | IP address of the client (IPv4 or IPv6). | ip |